General

  • Target

    35e853913f8cd670cfb4914e57b63c7f5c7c334e8349a8754af67dba403c3ec3

  • Size

    35KB

  • Sample

    240520-zvcnksgh4z

  • MD5

    b5a33ef534f1b9066b20e887bb5035cd

  • SHA1

    a0b6ee5d73cd95f975dc2792f3a01e54a0f93ba6

  • SHA256

    35e853913f8cd670cfb4914e57b63c7f5c7c334e8349a8754af67dba403c3ec3

  • SHA512

    c305a5ecfb25e7699b4255334ce545f6c0dddc1abb0a7c07c745f6c5b525501016a84c4c25ea1ec700595bd2a56f16de68d66b1488fe94d35b77fe6044e07009

  • SSDEEP

    768:Z6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:08Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      35e853913f8cd670cfb4914e57b63c7f5c7c334e8349a8754af67dba403c3ec3

    • Neconyd

      Neconyd is a trojan written in C++.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
