General

  • Target

    a7c4f6008b758ac75af05bccfe287b7a08de5dec396bc98b692c9e319462de41

  • Size

    96KB

  • Sample

    240617-a39wlswdpf

  • MD5

    d1c27ecccb65f2617feb3ed6cce46f5c

  • SHA1

    f372207c4b3cf8b97a6b754d7c272bda9f2ce640

  • SHA256

    a7c4f6008b758ac75af05bccfe287b7a08de5dec396bc98b692c9e319462de41

  • SHA512

    8300e9041268b565d91a903bd59d675b3b1fa4aeb31f736a0aa0cd5d2dd5a2cda7b8d14fb8ceef39d66f4eaa5b83357ea554a2f52423e6dde2f243a3eca59888

  • SSDEEP

    1536:VnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:VGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      a7c4f6008b758ac75af05bccfe287b7a08de5dec396bc98b692c9e319462de41

    • Neconyd

      Neconyd is a trojan written in C++.

    • Detects executables built or packed with MPress PE compressor

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
