Overview

overview

10

Static

static

3

2626b9f676...4N.exe

windows7-x64

10

2626b9f676...4N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2626b9f67620618d0bdbc8aeee36cfd63237625f56f7d5e7ae42af69ddef0c74N.exe

  • Size

    96KB

  • Sample

    241119-wahsbatnfl

  • MD5

    aadaeb52e55be32cc0d7a72b08e5f9a0

  • SHA1

    664ddf69e254972d8c08b050eff65342c470b346

  • SHA256

    2626b9f67620618d0bdbc8aeee36cfd63237625f56f7d5e7ae42af69ddef0c74

  • SHA512

    25f5d99ca6e77f6d6712f90b6922238673cf4a62f0917057691a0021cec356becf2a302542f50a768ea4e61a652d0c94ebf3dff6c77580d69d8c4bae49a59fbb

  • SSDEEP

    1536:0nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxq:0Gs8cd8eXlYairZYqMddH13q

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      2626b9f67620618d0bdbc8aeee36cfd63237625f56f7d5e7ae42af69ddef0c74N.exe

    • Size

      96KB

    • MD5

      aadaeb52e55be32cc0d7a72b08e5f9a0

    • SHA1

      664ddf69e254972d8c08b050eff65342c470b346

    • SHA256

      2626b9f67620618d0bdbc8aeee36cfd63237625f56f7d5e7ae42af69ddef0c74

    • SHA512

      25f5d99ca6e77f6d6712f90b6922238673cf4a62f0917057691a0021cec356becf2a302542f50a768ea4e61a652d0c94ebf3dff6c77580d69d8c4bae49a59fbb

    • SSDEEP

      1536:0nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxq:0Gs8cd8eXlYairZYqMddH13q

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks