General

  • Target

    4ec35dc413fea4d073d1a7d6334c2930N.exe

  • Size

    35KB

  • Sample

    240820-tmlnmavflm

  • MD5

    4ec35dc413fea4d073d1a7d6334c2930

  • SHA1

    81f3ff3b2b803a2e6232c86b24630cf20df26839

  • SHA256

    4bc9a69042f10e7ca471587e8382a39200a0f10f6ea5151a8e462deca59aeb5f

  • SHA512

    cb0109b65af831149df400e74c160e76a181f303769a73635b977b3cb1cf66da810769d67f2ffd24cf8f0d8118a6911f6a047dbf2561ff8421fb2983d34ab6e3

  • SSDEEP

    768:c6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:b8Z0kA7FHlO2OwOTUtKjpB

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      4ec35dc413fea4d073d1a7d6334c2930N.exe

    • Size

      35KB

    • MD5

      4ec35dc413fea4d073d1a7d6334c2930

    • SHA1

      81f3ff3b2b803a2e6232c86b24630cf20df26839

    • SHA256

      4bc9a69042f10e7ca471587e8382a39200a0f10f6ea5151a8e462deca59aeb5f

    • SHA512

      cb0109b65af831149df400e74c160e76a181f303769a73635b977b3cb1cf66da810769d67f2ffd24cf8f0d8118a6911f6a047dbf2561ff8421fb2983d34ab6e3

    • SSDEEP

      768:c6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:b8Z0kA7FHlO2OwOTUtKjpB

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks