General

  • Target

    a524378e095e66386cace3169a42de70N.exe

  • Size

    76KB

  • Sample

    240821-erwl3atakl

  • MD5

    a524378e095e66386cace3169a42de70

  • SHA1

    7d12bd2acb747f5998397d848e2ba5444adf36eb

  • SHA256

    986b014bb6ae46acb71ca0178b28b531d53e4516311cc51d3430754f35a0571c

  • SHA512

    068c4689d66a3cc7c5f369d02a651d107f5e2c06706a7cd1d201e78166d210a08eb86397853bb6ed9e2fbdb48673ed7b00fdcc3dff6f53ce382d03331599f203

  • SSDEEP

    1536:Td9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11:TdseIOMEZEyFjEOFqaiQm5l/5w11

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      a524378e095e66386cace3169a42de70N.exe

    • Size

      76KB

    • MD5

      a524378e095e66386cace3169a42de70

    • SHA1

      7d12bd2acb747f5998397d848e2ba5444adf36eb

    • SHA256

      986b014bb6ae46acb71ca0178b28b531d53e4516311cc51d3430754f35a0571c

    • SHA512

      068c4689d66a3cc7c5f369d02a651d107f5e2c06706a7cd1d201e78166d210a08eb86397853bb6ed9e2fbdb48673ed7b00fdcc3dff6f53ce382d03331599f203

    • SSDEEP

      1536:Td9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11:TdseIOMEZEyFjEOFqaiQm5l/5w11

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks