neconyd | 33a402fc0cf6afdaeb3bd4491a6a8a9a58731a2d48de68af96b58eee1a034f0b | Triage

Sharing

General

Target

33a402fc0cf6afdaeb3bd4491a6a8a9a58731a2d48de68af96b58eee1a034f0b.exe
Size

96KB
Sample

250124-t85zdsxpdw
MD5

9c5a9ad759d63824e7e07c1a820259cf
SHA1

b666d9a995fca47c54d9cc9f8b329f3ae4dffa29
SHA256

33a402fc0cf6afdaeb3bd4491a6a8a9a58731a2d48de68af96b58eee1a034f0b
SHA512

128eff79593bcb8b1dda902146c19e4db046274b78b427b15dc1048765d400e205e1c9b79d7189fe8b5ae0d2c4e7c25e5b0c7d34f5aeec9fcee21e905a2327da
SSDEEP

1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:OGs8cd8eXlYairZYqMddH137

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  33a402fc0cf6afdaeb3bd4491a6a8a9a58731a2d48de68af96b58eee1a034f0b.exe
- Size
  
  96KB
- MD5
  
  9c5a9ad759d63824e7e07c1a820259cf
- SHA1
  
  b666d9a995fca47c54d9cc9f8b329f3ae4dffa29
- SHA256
  
  33a402fc0cf6afdaeb3bd4491a6a8a9a58731a2d48de68af96b58eee1a034f0b
- SHA512
  
  128eff79593bcb8b1dda902146c19e4db046274b78b427b15dc1048765d400e205e1c9b79d7189fe8b5ae0d2c4e7c25e5b0c7d34f5aeec9fcee21e905a2327da
- SSDEEP
  
  1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:OGs8cd8eXlYairZYqMddH137
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan