General

  • Target

    3ed26f52d229f9c84123c3cc817a2bd0N.exe

  • Size

    248KB

  • Sample

    240819-zql2fszakl

  • MD5

    3ed26f52d229f9c84123c3cc817a2bd0

  • SHA1

    a0885e8dca7e34c316e81fe3571fe395df7a6f73

  • SHA256

    21c4e34bd9598001ae286b62543d613cb675d29f4f20f0e01b77990d782460b6

  • SHA512

    8785a2076e7451163735ffe275cd85c52acf1577471c9642845f826859bc5937ba5b243789cd0c71e5feb53c9df5c1cd20a400a9049ccab6bb9ca7c2e43d2a6a

  • SSDEEP

    1536:G4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:GIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
