Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d8cfe74eaa707ae96ae588c33d610e60N.exe

  • Size

    35KB

  • Sample

    240725-rvb32stdml

  • MD5

    d8cfe74eaa707ae96ae588c33d610e60

  • SHA1

    2db800a053fa7645eee7f2d36a845ec2f93d2e8b

  • SHA256

    eeb6aa7ce9da18a3641218a38ad028c078d5f5d3ed9f329734678c14ce7aa6f4

  • SHA512

    77036461e8d81a32eab664b88a9bb5a1397341b3746dff9177e9769083a2611208e9eac564fc5e21d73d7792bde6a254d1517c52fb8e19f936a1044efe6f1549

  • SSDEEP

    768:46vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:/8Z0kA7FHlO2OwOTUtKjpB

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      d8cfe74eaa707ae96ae588c33d610e60N.exe

    • Size

      35KB

    • MD5

      d8cfe74eaa707ae96ae588c33d610e60

    • SHA1

      2db800a053fa7645eee7f2d36a845ec2f93d2e8b

    • SHA256

      eeb6aa7ce9da18a3641218a38ad028c078d5f5d3ed9f329734678c14ce7aa6f4

    • SHA512

      77036461e8d81a32eab664b88a9bb5a1397341b3746dff9177e9769083a2611208e9eac564fc5e21d73d7792bde6a254d1517c52fb8e19f936a1044efe6f1549

    • SSDEEP

      768:46vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:/8Z0kA7FHlO2OwOTUtKjpB

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks