Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-09-25_c610352ac5f2a0a2a812fcd0d3d15fb5_aspxspy_cryptolocker_poison-ivy_wannacry

  • Size

    114.4MB

  • MD5

    c610352ac5f2a0a2a812fcd0d3d15fb5

  • SHA1

    fd2dcb7c69bbf6096b1d6889f3175e006c33b2f4

  • SHA256

    f4356dbd3d06c348ecdcc3347e871a9d168aa6bfba70dc647cc2d03a9fa6af39

  • SHA512

    857575f2f0f51f44c3dbc3a056583146bca82f6117f09d89fc86e5036ac8a84af8012be338074da142b651d46c224b3796293f5ba3f90664798bced37fefece9

  • SSDEEP

    1572864:mkgik+tKkEvC38tBEyDf2UjaF4xV9oF9mH3B5YYgQ8Sl8XW:4ikuKJT7f+6zp8m

Score
10/10
ratdcratneconyd

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • DCRat payload 1 IoCs

    Detects payload of DCRat, commonly dropped by NSIS installers.

    rat
  • Dcrat family
    dcrat
  • Neconyd family
    neconyd

Files

  • 2024-09-25_c610352ac5f2a0a2a812fcd0d3d15fb5_aspxspy_cryptolocker_poison-ivy_wannacry