General

  • Target

    4a729ffeb820ec14f00f2c66b713a390N

  • Size

    248KB

  • MD5

    4a729ffeb820ec14f00f2c66b713a390

  • SHA1

    8ebb7db78d2a1586154c07ae8a94c2adb2e9d87e

  • SHA256

    4903f8aed8a7504e372f3392dc35e7853d52a24678d7e7a2e7eac70d548d669e

  • SHA512

    6b29da20d9d74dc1c712739ee58809e0e5d5f2aaf42e0d50e64a563fb99ecb9f63b13d333747571cdfe6bdf9b3c663e86206da2cfe4fbbb879a94229892b72e6

  • SSDEEP

    1536:04d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZMnOHBRzU:0IdseIO+EZEyFjEOFqTiQmGnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4a729ffeb820ec14f00f2c66b713a390N
    .exe windows:4 windows x86 arch:x86

    b6ad8e85304192a027658f6e227d5e36

