General

  • Target

    18ebd0527353cf5169a3d24557fab6f0N.exe

  • Size

    248KB

  • MD5

    18ebd0527353cf5169a3d24557fab6f0

  • SHA1

    71153bc6ab1076414913be32badef73c80a04682

  • SHA256

    714b78c2eb5e85b67398800aa5bc12d0a99ce67effb3b7f83494e395d8909f27

  • SHA512

    2e81e96e2906abd2c02c66366b42692cc70c1b9e67e2b97584fe12ca1a33d55184116b80da8c9441cc25115c9004493fa626108268c965832dbd410e53abf2ea

  • SSDEEP

    1536:84d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:8IdseIO+EZEyFjEOFqTiQmGnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 18ebd0527353cf5169a3d24557fab6f0N.exe
    .exe windows:4 windows x86 arch:x86

    b6ad8e85304192a027658f6e227d5e36

