General

  • Target

    3021e9baff6a286013dadf5fa717e4c3cb471d25d5595a54f2a1ba3b6ba2b472

  • Size

    316KB

  • MD5

    5cfe255ce6f7a46c5f7eefc5efa67718

  • SHA1

    6a2aff4b1a9c7f687fd043c2dafc27e12359b145

  • SHA256

    3021e9baff6a286013dadf5fa717e4c3cb471d25d5595a54f2a1ba3b6ba2b472

  • SHA512

    54f640056f325e4db16e3ab0ae8c3a8b88adbf4cdcac45c4a218a547cd238c3f1007c885fbe7a2800834c7c947a1167520376c599ebdd16fac70355bbadf61dc

  • SSDEEP

    1536:J4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:JIdseIO+EZEyFjEOFqTiQmKnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3021e9baff6a286013dadf5fa717e4c3cb471d25d5595a54f2a1ba3b6ba2b472
    .exe windows:4 windows x86 arch:x86

