General

  • Target

    8e8129a2066c6aa204b7ab74fc93159c7d6207b2d59db9962cf4f1d96c57e501

  • Size

    119KB

  • Sample

    240518-3vw9rseh2z

  • MD5

    47c79efde756dd0e81edc02d84d08939

  • SHA1

    3ad3b96196e6eaaa05f4a92efd540233d6b7f3a3

  • SHA256

    8e8129a2066c6aa204b7ab74fc93159c7d6207b2d59db9962cf4f1d96c57e501

  • SHA512

    d04c01517947f7ba0eac8b2c2a72000303cd00340195372708c45f1c175a2b4ebf3e77b12715710c1dbb5869131abbdba3d964ee0377dad3bfe7278866878ef6

  • SSDEEP

    1536:nd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZznOeibgX7H:PdseIOMEZEyFjEOFqTiQmxnOeV7H

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
