Behavioral task
behavioral1
Sample
ff4c36887cfd40bc006f6beda1a5b5d99a1f51c4d940c2bf786e1893f5a87c19.exe
Resource
win7-20240903-en
General
-
Target
ff4c36887cfd40bc006f6beda1a5b5d99a1f51c4d940c2bf786e1893f5a87c19
-
Size
316KB
-
MD5
6c40cdcae2617549ea80b482e76c7b58
-
SHA1
ad096472217247755fc7818ea3aa1bfa2992c4d7
-
SHA256
ff4c36887cfd40bc006f6beda1a5b5d99a1f51c4d940c2bf786e1893f5a87c19
-
SHA512
c4ee23dc7de5d0c976210f6fccdbc578c4e46b02b29ca969eb80bbab294beb802dd4f5e65f9d18405bbf527e92350fc0a87f7ab38828f8c64554a499488abeea
-
SSDEEP
1536:B4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:BIdseIO+EZEyFjEOFqTiQmKnOHjzU
Malware Config
Extracted
neconyd
http://ow5dirasuek.com/
http://mkkuei4kdsz.com/
http://lousta.net/
Signatures
Files
-
ff4c36887cfd40bc006f6beda1a5b5d99a1f51c4d940c2bf786e1893f5a87c19.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 140KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE