General

  • Target

    6140d6c5cc625e69b6c96613bc4fa290N.exe

  • Size

    71KB

  • Sample

    240820-3q2zfstarm

  • MD5

    6140d6c5cc625e69b6c96613bc4fa290

  • SHA1

    64f6416603658d2babacf7ff229a4bf765224fd9

  • SHA256

    ba71c94f0cf869fec1a74900813a9f636253cb24e8b4d54b028bb27f73e520fc

  • SHA512

    c511a3e0d28e0b0a75d150e4cf2b5f9a7b0670c3d763a2df45608b1c3925d4789c79df644aa3a6bd3b1881b1c705a7fd0c6dcb4c49850344486ccfb43a461db7

  • SSDEEP

    1536:Gd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbH:+dseIOMEZEyFjEOFqTiQmQDHIbH

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
