neconyd | 0d33e387cd1daf3abeb7d7e3d369ad96e0464d0caf5db0ef91bee82ea0c3341d | Triage

Sharing

General

Target

0d33e387cd1daf3abeb7d7e3d369ad96e0464d0caf5db0ef91bee82ea0c3341d
Size

89KB
Sample

250212-yf49lswpar
MD5

e37a2f084dbe264d261612f9a01cbcca
SHA1

1bbddcb9c7614b6b3e5f7a4efebb90c507a11e96
SHA256

0d33e387cd1daf3abeb7d7e3d369ad96e0464d0caf5db0ef91bee82ea0c3341d
SHA512

ca0268857e00b0ac35f301db6a01af48cdc90e30dbe9519ee7970e5fc33eed0f227df40e858c9f328aeba72bb00c0003590fe9e5aad8d00b30f33a6b3f73f53f
SSDEEP

768:vMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA1:vbIvYvZEyFKF6N4yS+AQmZTl/5d

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  0d33e387cd1daf3abeb7d7e3d369ad96e0464d0caf5db0ef91bee82ea0c3341d
- Size
  
  89KB
- MD5
  
  e37a2f084dbe264d261612f9a01cbcca
- SHA1
  
  1bbddcb9c7614b6b3e5f7a4efebb90c507a11e96
- SHA256
  
  0d33e387cd1daf3abeb7d7e3d369ad96e0464d0caf5db0ef91bee82ea0c3341d
- SHA512
  
  ca0268857e00b0ac35f301db6a01af48cdc90e30dbe9519ee7970e5fc33eed0f227df40e858c9f328aeba72bb00c0003590fe9e5aad8d00b30f33a6b3f73f53f
- SSDEEP
  
  768:vMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA1:vbIvYvZEyFKF6N4yS+AQmZTl/5d
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan