General

  • Target

    837af828acf7f003c82bf7ca066744d0N.exe

  • Size

    90KB

  • Sample

    240817-cht1rsvaqm

  • MD5

    837af828acf7f003c82bf7ca066744d0

  • SHA1

    eea56b5f83cab70d441f63b3200cd759a0881392

  • SHA256

    8d1afeabdb0b098a2f09396e30e1ae26365e22274c8121c75f1cb8e8d15b19a1

  • SHA512

    26f4b010ba9d3b5349bdaf5c6c32150dbed03c6fdfe85cb6be3a18c2b43594f37f19d5d973aaf96d481ee12cfa80dd230af08c67159a6d6583ea504b7865a958

  • SSDEEP

    768:uMEIvFGvZEr8LFK0ic46N4zeSdPAHwmZGp6JXXlaa5uA:ubIvYvZEyFKF6N4aS5AQmZTl/5

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      837af828acf7f003c82bf7ca066744d0N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
