neconyd | b85eebac4de12252d44d65df86992eb43b17c140f36b22c0318b1737111b02eb | Triage

Sharing

General

Target

b85eebac4de12252d44d65df86992eb43b17c140f36b22c0318b1737111b02eb.exe
Size

96KB
Sample

250202-vqkq6s1mfx
MD5

5660f5cb7b91cea1ede70afff53730ee
SHA1

d07850e367820b066ab16efd1227bef7720b8543
SHA256

b85eebac4de12252d44d65df86992eb43b17c140f36b22c0318b1737111b02eb
SHA512

8e54277ad848011b38a3312fa44b161fc03c771cab22b65f5ed6d66e6bce63da4c70ca94c81df3dec155524b446d51bcf58395526c7c53338f213f302483d4b3
SSDEEP

1536:KnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:KGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  b85eebac4de12252d44d65df86992eb43b17c140f36b22c0318b1737111b02eb.exe
- Size
  
  96KB
- MD5
  
  5660f5cb7b91cea1ede70afff53730ee
- SHA1
  
  d07850e367820b066ab16efd1227bef7720b8543
- SHA256
  
  b85eebac4de12252d44d65df86992eb43b17c140f36b22c0318b1737111b02eb
- SHA512
  
  8e54277ad848011b38a3312fa44b161fc03c771cab22b65f5ed6d66e6bce63da4c70ca94c81df3dec155524b446d51bcf58395526c7c53338f213f302483d4b3
- SSDEEP
  
  1536:KnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:KGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan