General

  • Target

    f058373694f3ecf03eb7bc944604354826f2b158c0dc0b38bf8d12649d7bffbe

  • Size

    316KB

  • MD5

    820008ecdb447f22543a2afca2b1713c

  • SHA1

    04adbc4b03c01b4efd91f0ffecec69a0134340e6

  • SHA256

    f058373694f3ecf03eb7bc944604354826f2b158c0dc0b38bf8d12649d7bffbe

  • SHA512

    e04a65107bc6f0c65b10eab5c3c81902ae7e458f4d924c1e10a7c0887fc44a0821b07587c199668c7e4576ee808055a0cf3c5e6b1e0794245a3cc89517eb937d

  • SSDEEP

    1536:y4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:yIdseIO+EZEyFjEOFqTiQmKnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f058373694f3ecf03eb7bc944604354826f2b158c0dc0b38bf8d12649d7bffbe
    .exe windows:4 windows x86 arch:x86

