General

  • Target

    8bc55600e204e023eb09abc63317dc6fb3a13abaecc30840039083c4e427ef9a

  • Size

    35KB

  • MD5

    692c37c16abf8cef8cd25830e274c63f

  • SHA1

    641ebc7e8eba0d9b479f2f1a7c3e69f414161f1b

  • SHA256

    8bc55600e204e023eb09abc63317dc6fb3a13abaecc30840039083c4e427ef9a

  • SHA512

    ed5714b6a5f005f11ae2868202d50b77e3b7714c15dff23ce865b463741cc020fda1fe9c464bd5bf214edb769f434950fc0eba2f13aaa0c84d3d7af70b626965

  • SSDEEP

    768:b6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:G8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX dump on OEP (original entry point) 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 8bc55600e204e023eb09abc63317dc6fb3a13abaecc30840039083c4e427ef9a
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

