General
-
Target
d49e634d2db2eb0ab24ef7fd095a49b1b00d22bcbcb0e1b0a5ce668c07b9e54b.exe
-
Size
134KB
-
Sample
241203-xazlhatmaj
-
MD5
9bb596eea25fc55790d229ed50b29481
-
SHA1
57169066a43d6507ec26ebde318bc1b6bcf28da8
-
SHA256
d49e634d2db2eb0ab24ef7fd095a49b1b00d22bcbcb0e1b0a5ce668c07b9e54b
-
SHA512
c78c20b30b663cfa9c4c99ba0ceed1358a58dba669cc1d6bdc15e4745b7a0900306d35d40b3cb9117bbfd100230a32e53f2fd519e5626e9355422a5f1cee6a88
-
SSDEEP
1536:sDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCiN:SiRTeH0iqAW6J6f1tqF6dngNmaZCiaS
Static task
static1
Behavioral task
behavioral1
Sample
d49e634d2db2eb0ab24ef7fd095a49b1b00d22bcbcb0e1b0a5ce668c07b9e54b.exe
Resource
win7-20240708-en
Malware Config
Extracted
neconyd
http://ow5dirasuek.com/
http://mkkuei4kdsz.com/
http://lousta.net/
Targets
-
-
Target
d49e634d2db2eb0ab24ef7fd095a49b1b00d22bcbcb0e1b0a5ce668c07b9e54b.exe
-
Size
134KB
-
MD5
9bb596eea25fc55790d229ed50b29481
-
SHA1
57169066a43d6507ec26ebde318bc1b6bcf28da8
-
SHA256
d49e634d2db2eb0ab24ef7fd095a49b1b00d22bcbcb0e1b0a5ce668c07b9e54b
-
SHA512
c78c20b30b663cfa9c4c99ba0ceed1358a58dba669cc1d6bdc15e4745b7a0900306d35d40b3cb9117bbfd100230a32e53f2fd519e5626e9355422a5f1cee6a88
-
SSDEEP
1536:sDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCiN:SiRTeH0iqAW6J6f1tqF6dngNmaZCiaS
-
Neconyd family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-