neconyd | 05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8ea | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

05fae45a3c...aN.exe

windows7-x64

05fae45a3c...aN.exe

windows10-2004-x64

Sharing

General

Target

05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8eaN.exe
Size

316KB
Sample

250208-jmaagstjhv
MD5

b3530d6ad93fa9abfcf1707e42fe7710
SHA1

796fb8a6d16ddba69cfaf1ce5cfb57fd5eb689d2
SHA256

05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8ea
SHA512

a5c3779835e0f64d476c30003810d3c717afd934a1a2666d0e69d9edb691783b36cbbb934bf102b341a73c74b537b84df1fe4e24593fadace4fb81eb6641ba07
SSDEEP

1536:u4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:uIdseIO+EZEyFjEOFqTiQmKnOHjzU

Score

10^/10

neconyd discovery trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8eaN.exe

Resource

win7-20241010-en

neconyd discovery trojan upx

windows7-x64

6 signatures

120 seconds

Behavioral task

behavioral2

Sample

05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8eaN.exe

Resource

win10v2004-20250207-en

neconyd discovery trojan upx

windows10-2004-x64

7 signatures

120 seconds

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8eaN.exe
- Size
  
  316KB
- MD5
  
  b3530d6ad93fa9abfcf1707e42fe7710
- SHA1
  
  796fb8a6d16ddba69cfaf1ce5cfb57fd5eb689d2
- SHA256
  
  05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8ea
- SHA512
  
  a5c3779835e0f64d476c30003810d3c717afd934a1a2666d0e69d9edb691783b36cbbb934bf102b341a73c74b537b84df1fe4e24593fadace4fb81eb6641ba07
- SSDEEP
  
  1536:u4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:uIdseIO+EZEyFjEOFqTiQmKnOHjzU
Score

10^/10

neconyd discovery trojan upx
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Downloads MZ/PE file
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojanupx

behavioral2

neconyddiscoverytrojanupx

© 2018-2025

Terms | Privacy