General

  • Target

    ea8b76c118c419c26149792ca6b19490N.exe

  • Size

    248KB

  • Sample

    240817-kqhxgaxbqe

  • MD5

    ea8b76c118c419c26149792ca6b19490

  • SHA1

    fdac44513533715f5e76f4495ac00b6fd196688c

  • SHA256

    8a95929f6c5466eeb267fe7d5d1eb393cfe383e55eef73a8ad920695a5a7c29f

  • SHA512

    26172cea40ed733cd60b577e3563d58776da17ce920f9c2c53f38a10a62311158c81928109ce72f59eb803e55da1c607bb24d00bc231487ac36feed2d3cce65b

  • SSDEEP

    1536:H4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:HIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      ea8b76c118c419c26149792ca6b19490N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
