General

  • Target

    dee907ad6ad038b2be89acb3dfb5e7a5a404731d8f9b7e6e735e193391960c17

  • Size

    35KB

  • Sample

    240702-evtlwavfpg

  • MD5

    5ea283ddecbe66c2d3ca62a65e6141bd

  • SHA1

    6f962a154036dd27b863c235c8d8e8a8b4d8776d

  • SHA256

    dee907ad6ad038b2be89acb3dfb5e7a5a404731d8f9b7e6e735e193391960c17

  • SHA512

    61e2e4a80ecb00d1af0024e279cab3de58dc6a720bae998f4dc954057276d23bc082a26e738cb921a51794477b729154fcb76efbb2ac2b88bcb7aad22c58cc29

  • SSDEEP

    768:36vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:K8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
