General

  • Target

    bd47a4d624cd9d5c053cde989578bfea0a5b0455d67695b5f2d7dfa8b759cf9b

  • Size

    64KB

  • Sample

    241203-b9nsdszkgj

  • MD5

    c2d49e2305e0cb31efac6f967748f9cb

  • SHA1

    7419a4f88a5a00d8445cf25b3c1f1d6722d5653f

  • SHA256

    bd47a4d624cd9d5c053cde989578bfea0a5b0455d67695b5f2d7dfa8b759cf9b

  • SHA512

    791eb5fb4747343389f8af06540eef1e94149d98e8af154dbd1164149d448276d92b5a447bb7bc36a0ef913c3741ff5b1c7d7486f88a84e133dbed1cd7206bc5

  • SSDEEP

    768:JMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uA:JbIvYvZEyFKF6N4yS+AQmZcl/5

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Neconyd family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
