General

  • Target

    dc9f0dcb65de8b78dfc92ed5c71c4c80N.exe

  • Size

    33KB

  • Sample

    240817-a7dc7sxekf

  • MD5

    dc9f0dcb65de8b78dfc92ed5c71c4c80

  • SHA1

    b77268e96877922551a8dd4b164c9ba74202d141

  • SHA256

    9974edd227c48dfe696723c15b6d828d945dc40054c3a53664da8fdb67fca35a

  • SHA512

    2167f4271850a18b414e0d30033ad297e58688764c371f4a17eec3a9229ea2a9ed7361230de56022f09e39928e71a0783cf260ea6d9ec33593beac2e0dbd7aaa

  • SSDEEP

    768:jfVhP/4kt3+9IV6Y90ksQ1oWHT0hh0vy9S5fsYGbTmoN/yE56hlSQ7D:jfVRztyHo8QNHTk0qE5fslvN/956q

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      dc9f0dcb65de8b78dfc92ed5c71c4c80N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
