General

  • Target

    808d2048606582016225a9d9b5cbc200d60b62021338cafc807f120d3ac7a527N

  • Size

    64KB

  • Sample

    241104-bz1n7szhpr

  • MD5

    2c6d0045a5d19450d6542410dbd75100

  • SHA1

    3aea2864883b75b2b45d78fdf56a62d09f541537

  • SHA256

    808d2048606582016225a9d9b5cbc200d60b62021338cafc807f120d3ac7a527

  • SHA512

    2edaa924ac4197a638e97034bd6f360592cc4da5f6ab7322cee29019960ef071f18fd708b91f2f8ebbe1f3308f0355db3d1faf1bee84fee67b7014a48d7a8299

  • SSDEEP

    768:RMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uA:RbIvYvZEyFKF6N4yS+AQmZcl/5

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      808d2048606582016225a9d9b5cbc200d60b62021338cafc807f120d3ac7a527N

    • Size

      64KB

    • MD5

      2c6d0045a5d19450d6542410dbd75100

    • SHA1

      3aea2864883b75b2b45d78fdf56a62d09f541537

    • SHA256

      808d2048606582016225a9d9b5cbc200d60b62021338cafc807f120d3ac7a527

    • SHA512

      2edaa924ac4197a638e97034bd6f360592cc4da5f6ab7322cee29019960ef071f18fd708b91f2f8ebbe1f3308f0355db3d1faf1bee84fee67b7014a48d7a8299

    • SSDEEP

      768:RMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uA:RbIvYvZEyFKF6N4yS+AQmZcl/5

    • Neconyd

      Neconyd is a trojan written in C++.

    • Neconyd family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks