General

  • Target

    d723a022a926006b38fa937d2f3ed9e0N.exe

  • Size

    248KB

  • Sample

    240820-mt2vvs1fjm

  • MD5

    d723a022a926006b38fa937d2f3ed9e0

  • SHA1

    49a644b962762b869413b0ebf6f591d857bab6e2

  • SHA256

    c6c7107a716c79d5c627149b47ae697e685bb735cdedb5ee7dc728cad4146ea5

  • SHA512

    13dff2460a2bd939028c704e108a785c4e811978f0461dd14ff06e2478c4b5ec09d51913eff2f14f27f1c655aacb21ad11ddc98262e49114dab9d63c8c12fc48

  • SSDEEP

    1536:r4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:rIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      d723a022a926006b38fa937d2f3ed9e0N.exe

    • Size

      248KB

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
