General

  • Target

    98bda23898b8e0477eaf56f8eb896f8db439689edc7ad6a4b69d0149aaf5ad65

  • Size

    248KB

  • MD5

    e6335d104647b522190b42c68519dc49

  • SHA1

    cab9c2a326e238f95f71a44d60169840ca2fe20f

  • SHA256

    98bda23898b8e0477eaf56f8eb896f8db439689edc7ad6a4b69d0149aaf5ad65

  • SHA512

    dba228dea84e648ddb5fd29f37308939ce2d59dd484887f467ab5b2b5acbe6303a76d3c0758a7e9d9bdc40580715dcdef31ff3bdc7551a71586d1bbfa10430a6

  • SSDEEP

    1536:Q4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:QIdseIO+EZEyFjEOFqTiQmGnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 98bda23898b8e0477eaf56f8eb896f8db439689edc7ad6a4b69d0149aaf5ad65
    .exe windows:4 windows x86 arch:x86

    b6ad8e85304192a027658f6e227d5e36

