General

  • Target

    dc1878e4a4a95511da04f2f392bac34bbfd508e2693b82aa85b562560d191a10N

  • Size

    62KB

  • Sample

    240927-z4tnfsscqh

  • MD5

    93c7df7bbcb53cdf90e0e5a7d2ddc1d0

  • SHA1

    0187ff6e25c6bfcfcd7cd0680ad34cd6c43f33d9

  • SHA256

    dc1878e4a4a95511da04f2f392bac34bbfd508e2693b82aa85b562560d191a10

  • SHA512

    b8f484a71f777a5938d8642debf942ddd16ba1c8cfe302974320f979f2144a442778651c3d911eaced4e3c3935c5d6bbf6010cb3aa50c7a88e5ed3db0be86ebf

  • SSDEEP

    768:gMEIvFGvZEr8LFK0ic46N47eSdYAHwmZQp6JXXlaa5uA:gbIvYvZEyFKF6N4yS+AQmZtl/5

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      dc1878e4a4a95511da04f2f392bac34bbfd508e2693b82aa85b562560d191a10N

    • Size

      62KB

    • MD5

      93c7df7bbcb53cdf90e0e5a7d2ddc1d0

    • SHA1

      0187ff6e25c6bfcfcd7cd0680ad34cd6c43f33d9

    • SHA256

      dc1878e4a4a95511da04f2f392bac34bbfd508e2693b82aa85b562560d191a10

    • SHA512

      b8f484a71f777a5938d8642debf942ddd16ba1c8cfe302974320f979f2144a442778651c3d911eaced4e3c3935c5d6bbf6010cb3aa50c7a88e5ed3db0be86ebf

    • SSDEEP

      768:gMEIvFGvZEr8LFK0ic46N47eSdYAHwmZQp6JXXlaa5uA:gbIvYvZEyFKF6N4yS+AQmZtl/5

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks