General

  • Target

    23c02e2bc5d25b24d9f22d75038e95f0N.exe

  • Size

    248KB

  • Sample

    240817-qam45szcnr

  • MD5

    23c02e2bc5d25b24d9f22d75038e95f0

  • SHA1

    56cd6e54ed885cf97950e56d2684a1ba02bd29a4

  • SHA256

    7c0ad3ed329fc1c621039a39e7fc1b0afc4bed8ce0c4a331f797f91ee37319e5

  • SHA512

    5ad44d47b97ff7a9b9782fe394a7dc58143d503dd08211ec064566a0ad96ce42f60c8c74118499cdfe3838662e7775d131bb99d8542b4751c41054871ac0029a

  • SSDEEP

    1536:p4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:pIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      23c02e2bc5d25b24d9f22d75038e95f0N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
