neconyd | adb11ba0ca2f5e48586b37c5401790505be7709e7b14b0bdef089060b8e819f4 | Triage

Sharing

General

Target

adb11ba0ca2f5e48586b37c5401790505be7709e7b14b0bdef089060b8e819f4
Size

61KB
Sample

250228-bwzbzawvdz
MD5

cb1ef5802aa37c2f3c14232a68d36bc1
SHA1

b907b2e226ebb63f0c5f78b5d7cb010dc5a88b18
SHA256

adb11ba0ca2f5e48586b37c5401790505be7709e7b14b0bdef089060b8e819f4
SHA512

f90f00d74ce287f198eb4e9eedd0785de9ed11dec1ddaf7c1c50e78f938b9165ee2dfae846d2eaeb5b23ae9976d1007b9a9895ebd004f2543ac33fefac675c0c
SSDEEP

768:SMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:SbIvYvZEyFKF6N4yS+AQmZTl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  adb11ba0ca2f5e48586b37c5401790505be7709e7b14b0bdef089060b8e819f4
- Size
  
  61KB
- MD5
  
  cb1ef5802aa37c2f3c14232a68d36bc1
- SHA1
  
  b907b2e226ebb63f0c5f78b5d7cb010dc5a88b18
- SHA256
  
  adb11ba0ca2f5e48586b37c5401790505be7709e7b14b0bdef089060b8e819f4
- SHA512
  
  f90f00d74ce287f198eb4e9eedd0785de9ed11dec1ddaf7c1c50e78f938b9165ee2dfae846d2eaeb5b23ae9976d1007b9a9895ebd004f2543ac33fefac675c0c
- SSDEEP
  
  768:SMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:SbIvYvZEyFKF6N4yS+AQmZTl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan