General

  • Target

    9877bc01256610a8a3ee89bc9f0aa5ad0d7f2fe82ce12659b72418713e09436cN.exe

  • Size

    35KB

  • MD5

    87a6ca24588774d8fce04a6299612270

  • SHA1

    3ec9a0f5fe6fe6978c8d5134ac3acc45339e7d2e

  • SHA256

    9877bc01256610a8a3ee89bc9f0aa5ad0d7f2fe82ce12659b72418713e09436c

  • SHA512

    fd55d90ce691f28faa957232d94a7bfa11f994e9e0e5d104cdb1663c600e7bae95a45c68b249b0269a3456467b0911001d92f699d6605d783384642eadab547e

  • SSDEEP

    768:b6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:G8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 9877bc01256610a8a3ee89bc9f0aa5ad0d7f2fe82ce12659b72418713e09436cN.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

