General

  • Target

    ed7b26006199702295ac184a13aba440N.exe

  • Size

    248KB

  • Sample

    240820-zjmpeasekb

  • MD5

    ed7b26006199702295ac184a13aba440

  • SHA1

    b329e7ffac42beb020a3613c7901f4d7ff0e67d8

  • SHA256

    ff3aac2956956961315953841e3e2d765b46e8ba857f1e4006ae11339a4e5407

  • SHA512

    981089ce96af29cbfd0cd4458ece66322fa86133f109843caa3ed33104422b866f25710d1de10acd90b69b2022b33c09f8fdd76cc70ff2687803eb53e7dd9330

  • SSDEEP

    1536:/4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:/IdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
