neconyd | eb97754d04e56e7e6f00cb03bbd05f0923fc0403f2ecbfb9efa090c890b25ea5 | Triage

Sharing

General

Target

eb97754d04e56e7e6f00cb03bbd05f0923fc0403f2ecbfb9efa090c890b25ea5.exe
Size

80KB
Sample

250125-dj5dkasnaw
MD5

518e6b9d214afd8d61414dbbb36e505d
SHA1

7f4f90331832ff8df74bf89ad116570543e3bc16
SHA256

eb97754d04e56e7e6f00cb03bbd05f0923fc0403f2ecbfb9efa090c890b25ea5
SHA512

29a11dce3a7862e726cabe8245528af47bd8288a47004675bb40d8c3972d9445b81b81dbe01d142d58536b6ae889bc1e70d9def8ddd96e3036a67268f84473be
SSDEEP

1536:rd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzr:bdseIOMEZEyFjEOFqTiQmOl/5xPvwv

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  eb97754d04e56e7e6f00cb03bbd05f0923fc0403f2ecbfb9efa090c890b25ea5.exe
- Size
  
  80KB
- MD5
  
  518e6b9d214afd8d61414dbbb36e505d
- SHA1
  
  7f4f90331832ff8df74bf89ad116570543e3bc16
- SHA256
  
  eb97754d04e56e7e6f00cb03bbd05f0923fc0403f2ecbfb9efa090c890b25ea5
- SHA512
  
  29a11dce3a7862e726cabe8245528af47bd8288a47004675bb40d8c3972d9445b81b81dbe01d142d58536b6ae889bc1e70d9def8ddd96e3036a67268f84473be
- SSDEEP
  
  1536:rd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzr:bdseIOMEZEyFjEOFqTiQmOl/5xPvwv
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan