neconyd | ffb526fc92007ca7be56fe7a718f2a024289039d34aa261765cf65b910cd526f | Triage

Sharing

General

Target

ffb526fc92007ca7be56fe7a718f2a024289039d34aa261765cf65b910cd526f.exe
Size

61KB
Sample

250126-1g1c6avmds
MD5

7359492f788df1f863ca9cb1107fe99d
SHA1

fa5027dbb7584cedafea45cae2c2d8a678078905
SHA256

ffb526fc92007ca7be56fe7a718f2a024289039d34aa261765cf65b910cd526f
SHA512

f44d84d96ee58028ef625356bf45db9ae92fd174fc41da6a3d0b8c6626720068083bf47c043d61bedfee7a2adad981c3fa14594deb1bee95a04190c70fc5e515
SSDEEP

1536:Ld9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZxl/5f:7dseIOMEZEyFjEOFqTiQmTl/5f

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  ffb526fc92007ca7be56fe7a718f2a024289039d34aa261765cf65b910cd526f.exe
- Size
  
  61KB
- MD5
  
  7359492f788df1f863ca9cb1107fe99d
- SHA1
  
  fa5027dbb7584cedafea45cae2c2d8a678078905
- SHA256
  
  ffb526fc92007ca7be56fe7a718f2a024289039d34aa261765cf65b910cd526f
- SHA512
  
  f44d84d96ee58028ef625356bf45db9ae92fd174fc41da6a3d0b8c6626720068083bf47c043d61bedfee7a2adad981c3fa14594deb1bee95a04190c70fc5e515
- SSDEEP
  
  1536:Ld9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZxl/5f:7dseIOMEZEyFjEOFqTiQmTl/5f
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan