neconyd | 63440946f61f4733abc98e668831f1197d29e3d380bd942e3b4942a943984553 | Triage

Sharing

General

Target

63440946f61f4733abc98e668831f1197d29e3d380bd942e3b4942a943984553.exe
Size

134KB
Sample

250201-wzrfravjft
MD5

9bb2167d80542b7a8deb1ac220bb58cb
SHA1

58e2bf1aca2c5391074cbf46a07b57910c1c0b28
SHA256

63440946f61f4733abc98e668831f1197d29e3d380bd942e3b4942a943984553
SHA512

3bcda1bb9de8048488c48c508aa324fae574e0801b658334f863dd847ea6368782cace737d5064b8d67ee3f2ab5b7d95b6bd76b09cd001a9a1d1f5cd6447d903
SSDEEP

1536:cDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCif:CiRTeH0iqAW6J6f1tqF6dngNmaZCiaI

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  63440946f61f4733abc98e668831f1197d29e3d380bd942e3b4942a943984553.exe
- Size
  
  134KB
- MD5
  
  9bb2167d80542b7a8deb1ac220bb58cb
- SHA1
  
  58e2bf1aca2c5391074cbf46a07b57910c1c0b28
- SHA256
  
  63440946f61f4733abc98e668831f1197d29e3d380bd942e3b4942a943984553
- SHA512
  
  3bcda1bb9de8048488c48c508aa324fae574e0801b658334f863dd847ea6368782cace737d5064b8d67ee3f2ab5b7d95b6bd76b09cd001a9a1d1f5cd6447d903
- SSDEEP
  
  1536:cDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCif:CiRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan