General

  • Target

    e3f3322f1e6d3f2e60f2812fa66d87b0N.exe

  • Size

    248KB

  • Sample

    240821-b85phsthra

  • MD5

    e3f3322f1e6d3f2e60f2812fa66d87b0

  • SHA1

    daef4e4de3022cbdf9900b49f3f338b4fc0c23b4

  • SHA256

    c5742e3c9106c3a42d412621f21cd2b6b571266f96b56407358f09186ee63ccb

  • SHA512

    93d5c99555c3df9f26652bbef74c0df0be256e722a0b1d0143ed8990eac8b81124c9624ac391ec75cd5432b287430eec4864a8393a9333b5ecbb09f8d362d55e

  • SSDEEP

    1536:o4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:oIdseIO+EZEyFjEOFqTiQmGnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      e3f3322f1e6d3f2e60f2812fa66d87b0N.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
