General

  • Target

    f57badb5dc8cbdeb11067fd71dc13e20N.exe

  • Size

    248KB

  • Sample

    240819-11m7yascql

  • MD5

    f57badb5dc8cbdeb11067fd71dc13e20

  • SHA1

    65779651df3cc94231917c317c6c7581d4c4a3eb

  • SHA256

    6349ce0fec9ad2998322ac5391737f52ef799d9ec4052e9de8487dc312490181

  • SHA512

    9488108b99863e3b563d0c1a2dbb6540c9683e9ac92a1c5ae0d66b0b56e6c82e74f60ec51cde896fd7a4abf53b8d2acb3cde6f13a4c81f61104d2b96ebfa11e0

  • SSDEEP

    1536:44d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:4IdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15