neconyd | 065b3fb2f322d9e92e331a016e3e71302c9061925422ac41deac61fc7a34f76b | Triage

Sharing

General

Target

065b3fb2f322d9e92e331a016e3e71302c9061925422ac41deac61fc7a34f76bN.exe
Size

76KB
Sample

250124-s2r9aavpd1
MD5

81fcbbf335f57c98713f9ed7cbde61c0
SHA1

fd441e63eba1e52c49fe0a4c746cb68177af9979
SHA256

065b3fb2f322d9e92e331a016e3e71302c9061925422ac41deac61fc7a34f76b
SHA512

c9476c644af262c4c9339b82d913922e867e91994512523624cf7675db5be265ce495c7b4493e5d0ae4ce877587371acb6d2197481fe92346f65c1b197f38760
SSDEEP

1536:cd9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11f:kdseIOMEZEyFjEOFqaiQm5l/5w11f

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  065b3fb2f322d9e92e331a016e3e71302c9061925422ac41deac61fc7a34f76bN.exe
- Size
  
  76KB
- MD5
  
  81fcbbf335f57c98713f9ed7cbde61c0
- SHA1
  
  fd441e63eba1e52c49fe0a4c746cb68177af9979
- SHA256
  
  065b3fb2f322d9e92e331a016e3e71302c9061925422ac41deac61fc7a34f76b
- SHA512
  
  c9476c644af262c4c9339b82d913922e867e91994512523624cf7675db5be265ce495c7b4493e5d0ae4ce877587371acb6d2197481fe92346f65c1b197f38760
- SSDEEP
  
  1536:cd9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11f:kdseIOMEZEyFjEOFqaiQm5l/5w11f
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan