Overview

overview

10

Static

static

10

5809e61925...ee.exe

windows7-x64

10

5809e61925...ee.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5809e619259b720a1ca9faba9262022ebf0d4daaf1f9eb67c139598e03437fee

  • Size

    134KB

  • Sample

    240628-1rgzkawdlm

  • MD5

    9203d5a8723565c4e341335038f12ac2

  • SHA1

    8a1dd42a1fbab61abf86cbe0bd9cd87fabe78c79

  • SHA256

    5809e619259b720a1ca9faba9262022ebf0d4daaf1f9eb67c139598e03437fee

  • SHA512

    6291a16efbdb8c5d3594bc84ddbe43d927a7222ecf1ab0c37208fd8eee9a6bf4b218fac17646f107d2b90d387d805dac20bec8bcdcb6606b79cf11b4cb007364

  • SSDEEP

    1536:4DfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:eiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10
neconydtrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      5809e619259b720a1ca9faba9262022ebf0d4daaf1f9eb67c139598e03437fee

    • Size

      134KB

    • MD5

      9203d5a8723565c4e341335038f12ac2

    • SHA1

      8a1dd42a1fbab61abf86cbe0bd9cd87fabe78c79

    • SHA256

      5809e619259b720a1ca9faba9262022ebf0d4daaf1f9eb67c139598e03437fee

    • SHA512

      6291a16efbdb8c5d3594bc84ddbe43d927a7222ecf1ab0c37208fd8eee9a6bf4b218fac17646f107d2b90d387d805dac20bec8bcdcb6606b79cf11b4cb007364

    • SSDEEP

      1536:4DfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:eiRTeH0iqAW6J6f1tqF6dngNmaZCia

    Score
    10/10
    neconydtrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Detects executables built or packed with MPress PE compressor

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks