General

  • Target

    f967f1ad8e6dd19dc52f89a801b7f5d0efb1187b19196658d3f6a74b4560bc85

  • Size

    68KB

  • Sample

    240519-ewpz3sab73

  • MD5

    d5b0ed2a447367ba52632c3933eb84d1

  • SHA1

    7ae054f0efd646a16d97428215a52a3718027b83

  • SHA256

    f967f1ad8e6dd19dc52f89a801b7f5d0efb1187b19196658d3f6a74b4560bc85

  • SHA512

    9927860cfe50caabbd549ddb0b66677113289cbb55e2a8b1bcf4456459d084a77459444ad9420fc675f3dcb577f9c292a191e9689b02a91854d608958e43c813

  • SSDEEP

    1536:Od9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5:WdseIOMEZEyFjEOFqTiQm5l/5

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
