General

  • Target

    034a689526180b789e452c9aa8413780.exe

  • Size

    134KB

  • Sample

    240519-ln7y9acd77

  • MD5

    034a689526180b789e452c9aa8413780

  • SHA1

    fb3eba1cb5aabe2ea27cc67ad9b83750a648f8a6

  • SHA256

    1a3a50e0b846fa152182f672e97991d0c414c54c282b3b0d3a6fdf2974e88066

  • SHA512

    2a0f1174c71dfb0f4ecfc9f1d2b935b5ec9dd1079873918c1f659c0fd82a467dbd8f7f3d0e2a230620cedb4179c2b488306eba70943c499744ec2a59665d7725

  • SSDEEP

    1536:EDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:aiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      034a689526180b789e452c9aa8413780.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
