General

  • Target

    792ac20189cfa08fcef2a69ee54ee090N.exe

  • Size

    71KB

  • Sample

    240817-g3d79s1epc

  • MD5

    792ac20189cfa08fcef2a69ee54ee090

  • SHA1

    660d4dec92d5fc698f2eb853e238128620a9f27d

  • SHA256

    95ed46c6261be53fa163a4a11902e055dfa073c585bc9b983af7deeed6b7dbfa

  • SHA512

    ac8004fca7bad55700b3dd4aa9de16b42ec855ce8d595a98864387691c214581d73619ac6c1b3d196c1097f7afa3c5fa1088885199dd96c725c6b48d3ce46a3a

  • SSDEEP

    1536:jd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbH:DdseIOMEZEyFjEOFqTiQmQDHIbH

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      792ac20189cfa08fcef2a69ee54ee090N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
