General

  • Target

    af03db893046edb55688188795937cd0N.exe

  • Size

    80KB

  • Sample

    240817-z7c5waxelh

  • MD5

    af03db893046edb55688188795937cd0

  • SHA1

    f2561d16f32a9b5700661542e7742396e4df14e8

  • SHA256

    ea8c02ea356974b180c0aebc7684a5b67854abe7a9282003cd7f9d8ea88e5ee0

  • SHA512

    e5735661a89993a610bfc158fca4ba71b987ac786880b9770c839225dbe425d27bc60aa47f542b88a9d557fba3a646987c483195e8a0d409ce346e8838d3c934

  • SSDEEP

    768:7fMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:7fbIvYvZEyFKF6N4yS+AQmZTl/5

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      af03db893046edb55688188795937cd0N.exe

    • Size

      80KB

    • MD5

      af03db893046edb55688188795937cd0

    • SHA1

      f2561d16f32a9b5700661542e7742396e4df14e8

    • SHA256

      ea8c02ea356974b180c0aebc7684a5b67854abe7a9282003cd7f9d8ea88e5ee0

    • SHA512

      e5735661a89993a610bfc158fca4ba71b987ac786880b9770c839225dbe425d27bc60aa47f542b88a9d557fba3a646987c483195e8a0d409ce346e8838d3c934

    • SSDEEP

      768:7fMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:7fbIvYvZEyFKF6N4yS+AQmZTl/5

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks