General

  • Target

    18ad1498bc441a86e5632e8fa1f8bd7ee9b57182dee100bac59bd77dbbd22826N

  • Size

    316KB

  • MD5

    c648cdad2b926b2680749695d2f19480

  • SHA1

    e266059244844a15ce21dd1fd153e6a9a2f8d1ae

  • SHA256

    18ad1498bc441a86e5632e8fa1f8bd7ee9b57182dee100bac59bd77dbbd22826

  • SHA512

    fb70ffe6ed8f6b1551797c5f14a9221353efad0628b2ba5120bb58d049e73ee1be4bd2d637ec8392921d071f5811bae39ac7b9861b1038fc3fdafa6acbd60057

  • SSDEEP

    1536:l4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:lIdseIO+EZEyFjEOFqTiQmKnOHjzU

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Signatures

  • Neconyd family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 18ad1498bc441a86e5632e8fa1f8bd7ee9b57182dee100bac59bd77dbbd22826N
    .exe windows:4 windows x86 arch:x86

