General

  • Target

    1885a56768f6b22bde822d77c42fabed44887a883a274d40ac8cf4b62a1122ebN.exe

  • Size

    33KB

  • Sample

    250102-gfhl6syncr

  • MD5

    7db6c213b8b80eb3764bf9c60d7dca90

  • SHA1

    e7cca96fb428933e6555416e3134b0169b2167f8

  • SHA256

    1885a56768f6b22bde822d77c42fabed44887a883a274d40ac8cf4b62a1122eb

  • SHA512

    fd777d0fa627449ab029b443ccbe936c543fb2e405a62c4400356918a955191c7e0b40126e9a1f160854ba4557ad2b68c79d251d243ac0f54e9fa9bd2cf8cb8e

  • SSDEEP

    768:/fVhP/4kt3+9IV6Y90ksQ1oWHT0hh0vy9S5fsYGbTmoN/yE56hlSQ7D:/fVRztyHo8QNHTk0qE5fslvN/956q

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      1885a56768f6b22bde822d77c42fabed44887a883a274d40ac8cf4b62a1122ebN.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Neconyd family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
