neconyd | 7ec7417b9746b94dffa98075f7e15a52ccf18763e5d4784555a2f8b11d1e8a38 | Triage

Sharing

General

Target

7ec7417b9746b94dffa98075f7e15a52ccf18763e5d4784555a2f8b11d1e8a38N.exe
Size

96KB
Sample

250124-rm9dkstqan
MD5

d1c25d28aa9af072868f45ef116b3740
SHA1

ea8f590868b6dfdadae4ddf8e37b0f3973b1ecd6
SHA256

7ec7417b9746b94dffa98075f7e15a52ccf18763e5d4784555a2f8b11d1e8a38
SHA512

2ca62e04345a1ae85b50db9875493e2b0750dae5514cb2469f9160b052c21800c60e457342a6e330ffd41d97e2fde3f6732bda90a21c1f362a0164f4241e7358
SSDEEP

1536:rnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:rGs8cd8eXlYairZYqMddH13b

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7ec7417b9746b94dffa98075f7e15a52ccf18763e5d4784555a2f8b11d1e8a38N.exe
- Size
  
  96KB
- MD5
  
  d1c25d28aa9af072868f45ef116b3740
- SHA1
  
  ea8f590868b6dfdadae4ddf8e37b0f3973b1ecd6
- SHA256
  
  7ec7417b9746b94dffa98075f7e15a52ccf18763e5d4784555a2f8b11d1e8a38
- SHA512
  
  2ca62e04345a1ae85b50db9875493e2b0750dae5514cb2469f9160b052c21800c60e457342a6e330ffd41d97e2fde3f6732bda90a21c1f362a0164f4241e7358
- SSDEEP
  
  1536:rnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:rGs8cd8eXlYairZYqMddH13b
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan