neconyd | 62ac3574bd12cc74abfd717ae484ff082cbf287eb5c3ced887bd5f5abc22fe33 | Triage

Sharing

General

Target

62ac3574bd12cc74abfd717ae484ff082cbf287eb5c3ced887bd5f5abc22fe33N.exe
Size

134KB
Sample

250202-daj19stmhq
MD5

51dad8da4937b0553e89916281ade2a0
SHA1

750688fe6ba6efd508f34275a8a1584d20ff97e8
SHA256

62ac3574bd12cc74abfd717ae484ff082cbf287eb5c3ced887bd5f5abc22fe33
SHA512

6fb2f41cf9db6176f47430c190e08bcacd9dae64e5865ba062e703fda17003ee22f45b96200a265fec6e16ad311ce051728bb9118e2ca62842127ce04c4ca677
SSDEEP

1536:cDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:CiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  62ac3574bd12cc74abfd717ae484ff082cbf287eb5c3ced887bd5f5abc22fe33N.exe
- Size
  
  134KB
- MD5
  
  51dad8da4937b0553e89916281ade2a0
- SHA1
  
  750688fe6ba6efd508f34275a8a1584d20ff97e8
- SHA256
  
  62ac3574bd12cc74abfd717ae484ff082cbf287eb5c3ced887bd5f5abc22fe33
- SHA512
  
  6fb2f41cf9db6176f47430c190e08bcacd9dae64e5865ba062e703fda17003ee22f45b96200a265fec6e16ad311ce051728bb9118e2ca62842127ce04c4ca677
- SSDEEP
  
  1536:cDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:CiRTeH0iqAW6J6f1tqF6dngNmaZCia
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan