General

  • Target

    f91bc899edac228033129fd629e3624ceba3e71eb760fb2ec9691e98c6cd95eb

  • Size

    134KB

  • Sample

    240619-f2qn8syhkm

  • MD5

    406f5fe16e766ebfd66e02c701bd55e8

  • SHA1

    d83c55a73d61966cf65bbf925343a9d220c1142e

  • SHA256

    f91bc899edac228033129fd629e3624ceba3e71eb760fb2ec9691e98c6cd95eb

  • SHA512

    43f650f99dcbc48c08e18eec5c4b0f4cc6b139d683d0a0f08bdc5281674959b11b5502daf4a34ba50a985f38da1b9c54d99eb7880fd0840142e643a62fa3fda3

  • SSDEEP

    1536:HDfDbhERTatPLTH0NqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwC7M:jiRTeH0NqAW6J6f1tqF6dngNmaZC7M

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Detects executables built or packed with MPress PE compressor

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
