General

  • Target

    62c4b5d0608e2b4e3bc579d979e067c7e5e8a272b6c2e6f566234acb5d7dda50

  • Size

    316KB

  • Sample

    240817-3qyxsswgqp

  • MD5

    d3d40e49402d7af14b4b50e6002cf4a0

  • SHA1

    8e1539e26e51885b63c3d415182b714aaee6c65a

  • SHA256

    62c4b5d0608e2b4e3bc579d979e067c7e5e8a272b6c2e6f566234acb5d7dda50

  • SHA512

    bd023325c78720371d2e659c328b89d65dd8f226c1c3dabb87aced4bdf32ddf0495e97690c74e8d143cb934c0f6561b715e933f287e11f57a6ea7e732ef897e5

  • SSDEEP

    1536:n4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:nIdseIO+EZEyFjEOFqTiQmKnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
