General

  • Target

    0a797fda9c5686f35bc55e150c12fd50N.exe

  • Size

    248KB

  • Sample

    240817-l6ytaszfke

  • MD5

    0a797fda9c5686f35bc55e150c12fd50

  • SHA1

    a41be8338e47bae4d2103de70e447148ab48f122

  • SHA256

    ec641aca9f93d2df3c8f5595e5f7a9047754f1acfde0c51d446fc8bc56255c0e

  • SHA512

    c8755a7d65069f2ab20d753595c26db1b0252b81821958a8bcad55a27cc89030d3e771c96ae87d4b68b9e21848702dc80f0eaaa85bee718819a4e90564796f59

  • SSDEEP

    1536:64d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:6IdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      0a797fda9c5686f35bc55e150c12fd50N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
