Overview

overview

10

Static

static

3

4797e1373f...02.exe

windows7-x64

10

4797e1373f...02.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4797e1373fcdb7ea609aaceeaf2c0f78a7e1e21d20b0bb4a045985717b199302.exe

  • Size

    96KB

  • Sample

    241219-chldmasrbm

  • MD5

    d88b3cd30e3f1447bdfac79a08df111f

  • SHA1

    a8288bfa23db0157e34e1dd91d9df0256a5eb69f

  • SHA256

    4797e1373fcdb7ea609aaceeaf2c0f78a7e1e21d20b0bb4a045985717b199302

  • SHA512

    8655eb41a84c3e8c9fc413fe95f146497e7402c8d2b3342813e537b1b72240597a0191b4e38d1443e79d82770b895dfb870a185e192ab1d9768bd61af55330f5

  • SSDEEP

    1536:onAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:oGs8cd8eXlYairZYqMddH13b

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      4797e1373fcdb7ea609aaceeaf2c0f78a7e1e21d20b0bb4a045985717b199302.exe

    • Size

      96KB

    • MD5

      d88b3cd30e3f1447bdfac79a08df111f

    • SHA1

      a8288bfa23db0157e34e1dd91d9df0256a5eb69f

    • SHA256

      4797e1373fcdb7ea609aaceeaf2c0f78a7e1e21d20b0bb4a045985717b199302

    • SHA512

      8655eb41a84c3e8c9fc413fe95f146497e7402c8d2b3342813e537b1b72240597a0191b4e38d1443e79d82770b895dfb870a185e192ab1d9768bd61af55330f5

    • SSDEEP

      1536:onAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:oGs8cd8eXlYairZYqMddH13b

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks