General

  • Target

    7c1c369f13d684b5d0db3c1cbe91e3ab8193f5f4bc3d6d5ef1b147114bf1516a

  • Size

    96KB

  • Sample

    240522-3hd8esdc45

  • MD5

    8ea940fd1dd40ecdd53a3b8b35343c25

  • SHA1

    487e78f505875dd49cd42d44d557722261a1176d

  • SHA256

    7c1c369f13d684b5d0db3c1cbe91e3ab8193f5f4bc3d6d5ef1b147114bf1516a

  • SHA512

    70c077ad17d0f63446edfac760c94142ddb3efbd9da144c1bb77b58585489df0e903784111d93fa5b470444de6a932503dc1acfae077d5c7605ffa39a93d4c26

  • SSDEEP

    1536:cnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:cGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Detects executables built or packed with MPress PE compressor

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
