General

  • Target

    ff4c36887cfd40bc006f6beda1a5b5d99a1f51c4d940c2bf786e1893f5a87c19

  • Size

    316KB

  • MD5

    6c40cdcae2617549ea80b482e76c7b58

  • SHA1

    ad096472217247755fc7818ea3aa1bfa2992c4d7

  • SHA256

    ff4c36887cfd40bc006f6beda1a5b5d99a1f51c4d940c2bf786e1893f5a87c19

  • SHA512

    c4ee23dc7de5d0c976210f6fccdbc578c4e46b02b29ca969eb80bbab294beb802dd4f5e65f9d18405bbf527e92350fc0a87f7ab38828f8c64554a499488abeea

  • SSDEEP

    1536:B4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:BIdseIO+EZEyFjEOFqTiQmKnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ff4c36887cfd40bc006f6beda1a5b5d99a1f51c4d940c2bf786e1893f5a87c19
    .exe windows:4 windows x86 arch:x86

