neconyd | fcc463783421288a64d9504a5da80ff3f19d7dc994b35311403fe33cac412c9d | Triage

Sharing

General

Target

fcc463783421288a64d9504a5da80ff3f19d7dc994b35311403fe33cac412c9d.exe
Size

96KB
Sample

250225-a3vfxsyqw8
MD5

fae8a07b6d4983746602b7ec8082db35
SHA1

200702a5331d4c705f69621105e7e6170e47d046
SHA256

fcc463783421288a64d9504a5da80ff3f19d7dc994b35311403fe33cac412c9d
SHA512

a9c8a9183cdafeae5e96db5bcca2b9f7b7135dbb6e0f2efb2c1e7dffee8dc5d3e7a6933d4f9846066ada01169d04622a9d9537c6148e7c823ac339a1e6e7a260
SSDEEP

1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxD:OGs8cd8eXlYairZYqMddH13D

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  fcc463783421288a64d9504a5da80ff3f19d7dc994b35311403fe33cac412c9d.exe
- Size
  
  96KB
- MD5
  
  fae8a07b6d4983746602b7ec8082db35
- SHA1
  
  200702a5331d4c705f69621105e7e6170e47d046
- SHA256
  
  fcc463783421288a64d9504a5da80ff3f19d7dc994b35311403fe33cac412c9d
- SHA512
  
  a9c8a9183cdafeae5e96db5bcca2b9f7b7135dbb6e0f2efb2c1e7dffee8dc5d3e7a6933d4f9846066ada01169d04622a9d9537c6148e7c823ac339a1e6e7a260
- SSDEEP
  
  1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxD:OGs8cd8eXlYairZYqMddH13D
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan