neconyd | c612ba11465c90d3320090cad81c76ea3d9b7664ce46858fa493f534eda5774a | Triage

Sharing

General

Target

c612ba11465c90d3320090cad81c76ea3d9b7664ce46858fa493f534eda5774a.exe
Size

61KB
Sample

250208-l21r4ayjdy
MD5

619c28a8af1040cc577155be8c9a06fa
SHA1

a1a7098886bf2bb38434a4a8f5d0f445cd38820c
SHA256

c612ba11465c90d3320090cad81c76ea3d9b7664ce46858fa493f534eda5774a
SHA512

8dc564ae6b43aa9a6554c3e273f0f41d4dbed7f6499437404dff37c96f5e64111f01c6e7246c61938678bcc61aeb844abdfd70d59d324b8666ea7152e5d2b4ac
SSDEEP

1536:md9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZxl/5d:edseIOMEZEyFjEOFqTiQmTl/5d

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c612ba11465c90d3320090cad81c76ea3d9b7664ce46858fa493f534eda5774a.exe
- Size
  
  61KB
- MD5
  
  619c28a8af1040cc577155be8c9a06fa
- SHA1
  
  a1a7098886bf2bb38434a4a8f5d0f445cd38820c
- SHA256
  
  c612ba11465c90d3320090cad81c76ea3d9b7664ce46858fa493f534eda5774a
- SHA512
  
  8dc564ae6b43aa9a6554c3e273f0f41d4dbed7f6499437404dff37c96f5e64111f01c6e7246c61938678bcc61aeb844abdfd70d59d324b8666ea7152e5d2b4ac
- SSDEEP
  
  1536:md9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZxl/5d:edseIOMEZEyFjEOFqTiQmTl/5d
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan