General

  • Target

    03203946e7a049459f5f7d59e6d4c076c7b2177fdbe3263af424ecb2abace5d4

  • Size

    248KB

  • Sample

    240817-w151jazdje

  • MD5

    20aff0e42792690895e6a56403ed5ce7

  • SHA1

    f6dcee85a8c293e61504a63c706f72ef786505e2

  • SHA256

    03203946e7a049459f5f7d59e6d4c076c7b2177fdbe3263af424ecb2abace5d4

  • SHA512

    c4a6b1a56937daf0ef09d7ccd5f7880b2d3687b2f034ef99a89c1f4d9dcaf7a570edeff2ceb09617763ffae174f21a824d0d032109c839e2556430890f715eac

  • SSDEEP

    1536:s4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:sIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
