General

  • Target

    75693cfba81fb00326ba9e4d1ade79e0N.exe

  • Size

    35KB

  • MD5

    75693cfba81fb00326ba9e4d1ade79e0

  • SHA1

    eebc6f1aa980f6dfbbe70eb73dd78d320cc1ff8e

  • SHA256

    47564772d274b0a650c18597b11ab9af811917ff3af9b86f3f640a9634cfa824

  • SHA512

    3283c6271e4cf53697630dc64ef7df4f3bd21e6b9cf728376a67deedf42d93f7444622ca3a616e209f73ee4122fb5322fd6b31046e296f92dec03525cdf80a5c

  • SSDEEP

    768:e6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:l8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 75693cfba81fb00326ba9e4d1ade79e0N.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

