General

  • Target

    c77612305e77ea63d03b8d5010ffdcd0N.exe

  • Size

    61KB

  • Sample

    240819-241g4s1ckb

  • MD5

    c77612305e77ea63d03b8d5010ffdcd0

  • SHA1

    7a1334822ba5c0eb0c974b776d8ba0971431567a

  • SHA256

    ce45e5c38a143fd93ab34200604c7d49cec2fac4363def00b76c3c325c6fdb5f

  • SHA512

    502c884532735d4e546ae80cb69353d1163d4e0599ed35bacc205e2eef069a00ece52edfcca9df71aeb44555724f7eb4d67e23dc4f8ff682d5fc7112b0e6e195

  • SSDEEP

    768:YMEIvFGvZEr8LFK0ic46N47eSdYAHwmZ7Bp6JXXlaa5uA:YbIvYvZEyFKF6N4yS+AQmZIl/5

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      c77612305e77ea63d03b8d5010ffdcd0N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
