General

  • Target

    3f5fcd5ba5cf7197ccded48ca1636edc272ed03f8ccae89c3913407937ca50f6

  • Size

    84KB

  • Sample

    241109-1dy1xssgmr

  • MD5

    d326e584f6e649451c1edf07f079b4ed

  • SHA1

    0320fb6dd06829ed5d57bab2757a9a51df4a89d2

  • SHA256

    3f5fcd5ba5cf7197ccded48ca1636edc272ed03f8ccae89c3913407937ca50f6

  • SHA512

    f58bd45c0a364987fa2a55bdc624f999d52af89cc3ccdb490a2dd4e87cee421bc46c5b57bc9eb51a9c879005dd52d8e95a24938aa4402ee76131baa7c5065079

  • SSDEEP

    1536:3d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5:/dseIOMEZEyFjEOFqTiQm5l/5

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      3f5fcd5ba5cf7197ccded48ca1636edc272ed03f8ccae89c3913407937ca50f6

    • Neconyd

      Neconyd is a trojan written in C++.

    • Neconyd family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
