General

  • Target

    09d75d78ddd3c76c7ebca4eb0a8ae6657a6da640072352dd31f3efe4f8447ce1

  • Size

    35KB

  • MD5

    bd99ab830ff2d1ba3e7775175b10d10b

  • SHA1

    6f09874a33a62c472149f17d2bdb64cd951a9864

  • SHA256

    09d75d78ddd3c76c7ebca4eb0a8ae6657a6da640072352dd31f3efe4f8447ce1

  • SHA512

    33c11717b3f7c37e68333f74206831b81f50b725c6ece713fb00af7ba652dbb91f6b3f7b0c2d9eceecc67020099b93a47e7ba30ce839f14c9d2c7c94f6ba6898

  • SSDEEP

    768:M6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:L8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 09d75d78ddd3c76c7ebca4eb0a8ae6657a6da640072352dd31f3efe4f8447ce1
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

