General

  • Target

    NEAS.3fdab96491d09b032acf294ae8bb3ba0_JC.exe

  • Size

    134KB

  • Sample

    231102-k7zljsbh89

  • MD5

    3fdab96491d09b032acf294ae8bb3ba0

  • SHA1

    cd46151c6d79f9bb0e717345a62ad8fee0eb26f3

  • SHA256

    720fc24af0a1434e4cf7016841e4ce06ba3e3e317992fc14cce58173be57199a

  • SHA512

    8423db1574166ba9c1d5c1e2ad6e0828f94ef8e81df4f9fd8b90c067eea12ca657383a8c9f538ff909aceb86613c84996338581b9a0f5cc043b71e1fccea987c

  • SSDEEP

    1536:hDfDbhERTatPLTH0NqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwC7M:BiRTeH0NqAW6J6f1tqF6dngNmaZC7M

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      NEAS.3fdab96491d09b032acf294ae8bb3ba0_JC.exe

    • Score

      10/10

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
