General

  • Target

    387d7283f3045b144597417657d66d88f68faaee8910d19e2ecdfe9d60dc70e0

  • Size

    35KB

  • Sample

    240628-y86cdathln

  • MD5

    b8b7b700f015565a4db5d43aa3501104

  • SHA1

    632970f3218125112af991a78cb7d5f6abb57a7e

  • SHA256

    387d7283f3045b144597417657d66d88f68faaee8910d19e2ecdfe9d60dc70e0

  • SHA512

    528601d1de8cfac16ed31e914cc7ad26f15c93893c1a94e4b1d97a1af11396a5126de6532932b8c5eaf0c229dfe8b497c39bee41670bcedff425d8f0caa2738b

  • SSDEEP

    768:X6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:q8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      387d7283f3045b144597417657d66d88f68faaee8910d19e2ecdfe9d60dc70e0

    • Size

      35KB

    • MD5

      b8b7b700f015565a4db5d43aa3501104

    • SHA1

      632970f3218125112af991a78cb7d5f6abb57a7e

    • SHA256

      387d7283f3045b144597417657d66d88f68faaee8910d19e2ecdfe9d60dc70e0

    • SHA512

      528601d1de8cfac16ed31e914cc7ad26f15c93893c1a94e4b1d97a1af11396a5126de6532932b8c5eaf0c229dfe8b497c39bee41670bcedff425d8f0caa2738b

    • SSDEEP

      768:X6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:q8Z0kA7FHlO2OwOTUtKjpB

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks