General

  • Target

    69c50512add578cf1523cc690877c35e61dafe105472320d5c619d594930371f

  • Size

    96KB

  • Sample

    240616-15ljxazhpd

  • MD5

    a5695f66f5e56ec8ceb2d4104b5c169d

  • SHA1

    213fe3490e05f89cd98d64e1366f35e1b6ecdc82

  • SHA256

    69c50512add578cf1523cc690877c35e61dafe105472320d5c619d594930371f

  • SHA512

    ccc5b57917d6c05c9644ccef2a04fb940b015223e979b10312a8b4fa71f5b7e77896242231e6149f55bfc66ec282d6f34460d06fd51629bbb2d4d23364d3ccd1

  • SSDEEP

    1536:hnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:hGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Detects executables built or packed with MPress PE compressor

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
