General

  • Target

    0eac0c658060c898e4f62923bc68f75451d1902622737fb32830d30ef4851fa0

  • Size

    35KB

  • Sample

    240618-w8tx8sycnm

  • MD5

    2722bd2cd03750d635b38c621c899435

  • SHA1

    3a88b6e68e5b53ded2dcd11e0618a4a6873c6d83

  • SHA256

    0eac0c658060c898e4f62923bc68f75451d1902622737fb32830d30ef4851fa0

  • SHA512

    5554b22532d760915d0cb8bbc75b7aaf749f82c4bc4229a0cb175465a6d49ede84189693381eaba39d0e424349683a99ce0305c15268acd335acf34564591674

  • SSDEEP

    768:K6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:J8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      0eac0c658060c898e4f62923bc68f75451d1902622737fb32830d30ef4851fa0

    • Neconyd

      Neconyd is a trojan written in C++.

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
