General

  • Target

    199b300b1a74510e4515d7c6cbb47e60N.exe

  • Size

    248KB

  • Sample

    240819-stx5kavgrn

  • MD5

    199b300b1a74510e4515d7c6cbb47e60

  • SHA1

    d2ccd57f8813d5f6b4514e753a8c2024d80b62f5

  • SHA256

    9f6eb3a8ef9e48ae5e34d3dc981199867c3fc523d42d9dc5b8a67cc4d29b84b7

  • SHA512

    75580d68eaaacda1325b87d09bf588818bf5a82395976c08f41eb826325c372989bfc400e54154e193a32c678b15fe4a23cc5e3c1ea6b5162453c4ec00029441

  • SSDEEP

    1536:X4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:XIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      199b300b1a74510e4515d7c6cbb47e60N.exe

    • Size

      248KB

    • MD5

      199b300b1a74510e4515d7c6cbb47e60

    • SHA1

      d2ccd57f8813d5f6b4514e753a8c2024d80b62f5

    • SHA256

      9f6eb3a8ef9e48ae5e34d3dc981199867c3fc523d42d9dc5b8a67cc4d29b84b7

    • SHA512

      75580d68eaaacda1325b87d09bf588818bf5a82395976c08f41eb826325c372989bfc400e54154e193a32c678b15fe4a23cc5e3c1ea6b5162453c4ec00029441

    • SSDEEP

      1536:X4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:XIdseIO+EZEyFjEOFqTiQmGnOHjzU

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks