General

  • Target

    8c07c9393729e2d1edd477c09e67ab3d5efba93898f5a32b8ecc936526575548

  • Size

    248KB

  • Sample

    240817-b9srcatepr

  • MD5

    fa5f718e93e5820db991100ccce8a5b6

  • SHA1

    008aa896a9a740ac04107c0574ce2deadf681cb3

  • SHA256

    8c07c9393729e2d1edd477c09e67ab3d5efba93898f5a32b8ecc936526575548

  • SHA512

    2aab7340eef05513e82e9eeb7a4d5d0f4165cc151193ca62d481da631c9840f2051c3e08c520c6371719bdea8909b5c2f723280beb7caabce11aa29e87bb30b2

  • SSDEEP

    1536:P4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:PIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      8c07c9393729e2d1edd477c09e67ab3d5efba93898f5a32b8ecc936526575548

    • Size

      248KB

    • MD5

      fa5f718e93e5820db991100ccce8a5b6

    • SHA1

      008aa896a9a740ac04107c0574ce2deadf681cb3

    • SHA256

      8c07c9393729e2d1edd477c09e67ab3d5efba93898f5a32b8ecc936526575548

    • SHA512

      2aab7340eef05513e82e9eeb7a4d5d0f4165cc151193ca62d481da631c9840f2051c3e08c520c6371719bdea8909b5c2f723280beb7caabce11aa29e87bb30b2

    • SSDEEP

      1536:P4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:PIdseIO+EZEyFjEOFqTiQmGnOHjzU

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks