General

  • Target

    3d9eec2bb217e1bd2a0196a4d8199b20N.exe

  • Size

    248KB

  • Sample

    240820-2svgqa1fjl

  • MD5

    3d9eec2bb217e1bd2a0196a4d8199b20

  • SHA1

    ca9bc77256f167ea6d3698d159a77df0847c88ca

  • SHA256

    cc0a5acc325b81e9ae2827cb83c567eba5e1d85fb4f192fac4e7d0625c3c4f15

  • SHA512

    c27d7e509c4966c0904a1aa1a1a48a7d716590ce7b3ae855951f1612b515fecf007c3f90fdb7edaa505024104ca68c5a1e72867e086bc0df3cc0a9c5d0d350b5

  • SSDEEP

    1536:Y4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:YIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      3d9eec2bb217e1bd2a0196a4d8199b20N.exe

    • Size

      248KB

    • MD5

      3d9eec2bb217e1bd2a0196a4d8199b20

    • SHA1

      ca9bc77256f167ea6d3698d159a77df0847c88ca

    • SHA256

      cc0a5acc325b81e9ae2827cb83c567eba5e1d85fb4f192fac4e7d0625c3c4f15

    • SHA512

      c27d7e509c4966c0904a1aa1a1a48a7d716590ce7b3ae855951f1612b515fecf007c3f90fdb7edaa505024104ca68c5a1e72867e086bc0df3cc0a9c5d0d350b5

    • SSDEEP

      1536:Y4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:YIdseIO+EZEyFjEOFqTiQmGnOHjzU

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks