General

  • Target

    2a6e7dfe265ad8d2dbe27d96ec1214d0N.exe

  • Size

    316KB

  • MD5

    2a6e7dfe265ad8d2dbe27d96ec1214d0

  • SHA1

    1b80927165c91e1b2dead4531f56d0a722d7951e

  • SHA256

    6599453f105829db1a36d6f3f86d1de12bcad45ecf7329e1f88003ad0da4aa44

  • SHA512

    2c9cafda5217b86b9fee5bca9afee2bab2b8517066e02e96962bb3bc73d3b7e9ddc66e770de323f0860b5f4d2de044a1c2817d249f325d4e50adc8646a8a4152

  • SSDEEP

    1536:r4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:rIdseIO+EZEyFjEOFqTiQmKnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2a6e7dfe265ad8d2dbe27d96ec1214d0N.exe
    .exe windows:4 windows x86 arch:x86