General

  • Target

    d95e6e67219f3f58dd8fb58400c6d1389a3ab05d09ed3517295da4d4baaa49cc

  • Size

    134KB

  • Sample

    240627-a5y7wswejr

  • MD5

    1c8d6ec079334851e95e04f875e34bac

  • SHA1

    a44cf520e4c848b079249b21cf1e56ed27b0978e

  • SHA256

    d95e6e67219f3f58dd8fb58400c6d1389a3ab05d09ed3517295da4d4baaa49cc

  • SHA512

    75dbd5f2f058f448bb9d7d4d515d6a901b031a1c537d91154a8e3b939ad313daeb4fb6d471e113f3d16d40fa02fe6593a29d22ca7ff4e1e4137e31007b5cc556

  • SSDEEP

    1536:PDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:7iRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Detects executables built or packed with MPress PE compressor

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
