General
-
Target
bc3a24b871881c766f0a1c1fa42c4c22a7ef1c54fdd478c0cc70e67fa7cdadd0
-
Size
96KB
-
Sample
240522-gyyq4sef44
-
MD5
62837c7633f7b6d0d1a5462454e4f1de
-
SHA1
899cc1e39c8371ae676a7f69e8036d633fa08356
-
SHA256
bc3a24b871881c766f0a1c1fa42c4c22a7ef1c54fdd478c0cc70e67fa7cdadd0
-
SHA512
9d011c0e0ed32f9d5455a492974e9d02eca3630af4e76b2e43167f38cd80ebbe613d4e11e1e0d306fb314ef99ff4fb063cf166309b34cbae6f76ce576b918e6c
-
SSDEEP
1536:unAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:uGs8cd8eXlYairZYqMddH13L
Static task
static1
Behavioral task
behavioral1
Sample
bc3a24b871881c766f0a1c1fa42c4c22a7ef1c54fdd478c0cc70e67fa7cdadd0.exe
Resource
win7-20240508-en
Malware Config
Extracted
neconyd
http://ow5dirasuek.com/
http://mkkuei4kdsz.com/
http://lousta.net/
Targets
-
-
Target
bc3a24b871881c766f0a1c1fa42c4c22a7ef1c54fdd478c0cc70e67fa7cdadd0
-
Detects executables built or packed with MPress PE compressor
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-