General

  • Target

    3af4c90be05e1f0a645d05215d226870N.exe

  • Size

    248KB

  • MD5

    3af4c90be05e1f0a645d05215d226870

  • SHA1

    a634bd6711a821dc357e8a4c3c75599e6aa132d6

  • SHA256

    08e1f7a0db3395be8b5b2eea71f6614470012f945a7b24bb03b694808ce1b10d

  • SHA512

    157729c055a434afe440ace48e1bf3962a70e80458162fa1ba7d54026e701738b4d759622b6728de9f530e0b84039c54347051ee44b0e9d4c47daa73d9ab23f5

  • SSDEEP

    1536:M4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:MIdseIO+EZEyFjEOFqTiQmGnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3af4c90be05e1f0a645d05215d226870N.exe
    .exe windows:4 windows x86 arch:x86

    b6ad8e85304192a027658f6e227d5e36

