General

  • Target

    4aec966a098b14cfa78cee94d3525a70N.exe

  • Size

    248KB

  • Sample

    240820-d1lyjs1fnc

  • MD5

    4aec966a098b14cfa78cee94d3525a70

  • SHA1

    436a0465ef80cd38c5924a5fd8fe95c54b2d88a3

  • SHA256

    87cfa27f01d41a0b2ef28eca0be39ea8b810cab101203096b00d27a8f70b3222

  • SHA512

    46da6aeba548eb4bec019284d2a8d18cd8112038e00875d809ce2d0792e32d9ed26a53ea18503f33cfb22eacb2125c016733fccd830a2b8b78ab4a223c16f283

  • SSDEEP

    1536:E4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:EIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      4aec966a098b14cfa78cee94d3525a70N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
