General

  • Target

    45b515836a3dfa689dd58b37f602dbd58d958c1edcdd5e3b10948c5c3ff9e25a

  • Size

    35KB

  • MD5

    3c65da08f69cafba2ca11003d9c2beed

  • SHA1

    c361b84280221575d1da3e25d55cf9de1d0fc823

  • SHA256

    45b515836a3dfa689dd58b37f602dbd58d958c1edcdd5e3b10948c5c3ff9e25a

  • SHA512

    763655f79072b74ef5c4d19f62f8335202a89ef96218a07da9488572fb86af5929f03f10ee260b57d62b49abb03f233506f8370afbda2edfe88c5957405e8827

  • SSDEEP

    768:m6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:98Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 45b515836a3dfa689dd58b37f602dbd58d958c1edcdd5e3b10948c5c3ff9e25a
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

