neconyd | 813bd52d23f1d483921ee2d2c667ebab1c7a8df0f17bfa78534b80699752353c | Triage

Sharing

General

Target

813bd52d23f1d483921ee2d2c667ebab1c7a8df0f17bfa78534b80699752353c.exe
Size

96KB
Sample

250202-jgf6va1rhw
MD5

7fcd7e5707d004b75fb0760d1e26bb82
SHA1

0f7a4d3519bb949d4ce79640c88104acd4cabd10
SHA256

813bd52d23f1d483921ee2d2c667ebab1c7a8df0f17bfa78534b80699752353c
SHA512

4a678ace5c8cc26ca5b01cfa22be29de5c46479ce2c3b678f303a18ff0547233b0a7d12ac4f4e56cb4770c202d09a12a5beb47150c73164c5b6cda540e2f512a
SSDEEP

1536:unAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxj:uGs8cd8eXlYairZYqMddH13j

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  813bd52d23f1d483921ee2d2c667ebab1c7a8df0f17bfa78534b80699752353c.exe
- Size
  
  96KB
- MD5
  
  7fcd7e5707d004b75fb0760d1e26bb82
- SHA1
  
  0f7a4d3519bb949d4ce79640c88104acd4cabd10
- SHA256
  
  813bd52d23f1d483921ee2d2c667ebab1c7a8df0f17bfa78534b80699752353c
- SHA512
  
  4a678ace5c8cc26ca5b01cfa22be29de5c46479ce2c3b678f303a18ff0547233b0a7d12ac4f4e56cb4770c202d09a12a5beb47150c73164c5b6cda540e2f512a
- SSDEEP
  
  1536:unAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxj:uGs8cd8eXlYairZYqMddH13j
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan