General

  • Target

    5437a30f81b1243c760ce4bf93f02b2efc8b833f813184df5323e52a6bdcbfdfN

  • Size

    316KB

  • MD5

    1fb2fa9e12f46cadca14254463278460

  • SHA1

    d21ac1d322168690e50a9f38464cfd9c29b4af08

  • SHA256

    5437a30f81b1243c760ce4bf93f02b2efc8b833f813184df5323e52a6bdcbfdf

  • SHA512

    8c2103d06cd380699f7f2e953bb957d91c1e153ecea374fc0407c458f43e5e7e8a20bb7981f24ad12103f8000d717e8418990e0bbde3a0150924fe2b5d582891

  • SSDEEP

    1536:Y4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:YIdseIO+EZEyFjEOFqTiQmKnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5437a30f81b1243c760ce4bf93f02b2efc8b833f813184df5323e52a6bdcbfdfN
    .exe windows:4 windows x86 arch:x86

