General

  • Target

    d50fd51541134472aa199a217ba76db89a750e9c8414270e18a7b7c0900de327

  • Size

    35KB

  • Sample

    240521-e7mdbshc96

  • MD5

    6c251b56f1f29db1a40c26778c6d9b69

  • SHA1

    74cab5ac6b40f85de80b2cdb4817077c6c09d898

  • SHA256

    d50fd51541134472aa199a217ba76db89a750e9c8414270e18a7b7c0900de327

  • SHA512

    4e2cba9647ee2db75d78a9b7781ae02a246a08ee8926668aa4861d4e5b51ebcc46c0f10e5e9c1867cc37b06a1bdb25347163f4c41729797f8c5d8ff2c6c45dd5

  • SSDEEP

    768:h6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:s8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
