Overview

overview

10

Static

static

3

61321ac128...bN.exe

windows7-x64

10

61321ac128...bN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    61321ac128d3d5dbb22385e8d5880c9527d4c1c59873bac01223cc2d62e9e0abN.exe

  • Size

    96KB

  • Sample

    241231-t951sasjcq

  • MD5

    f4e9b81146e3a7c76fcd136712d9be40

  • SHA1

    e7cffad0e338c3f13e179bc3920d40c144d0d3ed

  • SHA256

    61321ac128d3d5dbb22385e8d5880c9527d4c1c59873bac01223cc2d62e9e0ab

  • SHA512

    4c3cbd65c12714a99d99e49aa5881c0c0b2bc11587a996df34b052754bd0643af83239087659ddd2458cb92f247109b60a40f65f66d4e716a294956d0f4fa8c5

  • SSDEEP

    1536:inAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:iGs8cd8eXlYairZYqMddH13L

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      61321ac128d3d5dbb22385e8d5880c9527d4c1c59873bac01223cc2d62e9e0abN.exe

    • Size

      96KB

    • MD5

      f4e9b81146e3a7c76fcd136712d9be40

    • SHA1

      e7cffad0e338c3f13e179bc3920d40c144d0d3ed

    • SHA256

      61321ac128d3d5dbb22385e8d5880c9527d4c1c59873bac01223cc2d62e9e0ab

    • SHA512

      4c3cbd65c12714a99d99e49aa5881c0c0b2bc11587a996df34b052754bd0643af83239087659ddd2458cb92f247109b60a40f65f66d4e716a294956d0f4fa8c5

    • SSDEEP

      1536:inAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:iGs8cd8eXlYairZYqMddH13L

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks