Overview

overview

10

Static

static

3

15c538ead9...38.exe

windows7-x64

10

15c538ead9...38.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15c538ead97c232b8d37502b0c43155decfd555365bc8dad5691a04c560b6238.exe

  • Size

    96KB

  • Sample

    241127-pjecxssrhw

  • MD5

    e58fd0af9de86fcbb0be2a86cc0b218d

  • SHA1

    e2f68908f94893d96b6c8940e7d0ce552d126d06

  • SHA256

    15c538ead97c232b8d37502b0c43155decfd555365bc8dad5691a04c560b6238

  • SHA512

    6917a5f258faae1a6b5d4b35955a2082497337f3c19371ca7d531ef98fde43dc1e81980607c8cfb4ea703e96bd79d442b75cd171f5dbd98c30e3be2721a69f75

  • SSDEEP

    1536:knAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxB:kGs8cd8eXlYairZYqMddH13B

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      15c538ead97c232b8d37502b0c43155decfd555365bc8dad5691a04c560b6238.exe

    • Size

      96KB

    • MD5

      e58fd0af9de86fcbb0be2a86cc0b218d

    • SHA1

      e2f68908f94893d96b6c8940e7d0ce552d126d06

    • SHA256

      15c538ead97c232b8d37502b0c43155decfd555365bc8dad5691a04c560b6238

    • SHA512

      6917a5f258faae1a6b5d4b35955a2082497337f3c19371ca7d531ef98fde43dc1e81980607c8cfb4ea703e96bd79d442b75cd171f5dbd98c30e3be2721a69f75

    • SSDEEP

      1536:knAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxB:kGs8cd8eXlYairZYqMddH13B

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks