General
-
Target
1919427d05b6f678cebac0cd9daea41087a6fa72a4b5c08d72da4c144c94fa8eN.exe
-
Size
96KB
-
Sample
250120-d4f7gayrat
-
MD5
586bb056d66f7795ae2f1abe1b028480
-
SHA1
06364bd0a7b8198e864f7d45ad750789cdb3727b
-
SHA256
1919427d05b6f678cebac0cd9daea41087a6fa72a4b5c08d72da4c144c94fa8e
-
SHA512
da67386310e6059a6dbd68cc1b69bc2bb7c19802c3114e9aba6627f5f8b5b3b9ef569b32de1b1bb7c6a22ba5bcd98f8eed34081e1ef3acd58f9808b40c4cb889
-
SSDEEP
1536:CnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:CGs8cd8eXlYairZYqMddH13b
Static task
static1
Behavioral task
behavioral1
Sample
1919427d05b6f678cebac0cd9daea41087a6fa72a4b5c08d72da4c144c94fa8eN.exe
Resource
win7-20240903-en
Malware Config
Extracted
neconyd
http://ow5dirasuek.com/
http://mkkuei4kdsz.com/
http://lousta.net/
Targets
-
-
Target
1919427d05b6f678cebac0cd9daea41087a6fa72a4b5c08d72da4c144c94fa8eN.exe
-
Size
96KB
-
MD5
586bb056d66f7795ae2f1abe1b028480
-
SHA1
06364bd0a7b8198e864f7d45ad750789cdb3727b
-
SHA256
1919427d05b6f678cebac0cd9daea41087a6fa72a4b5c08d72da4c144c94fa8e
-
SHA512
da67386310e6059a6dbd68cc1b69bc2bb7c19802c3114e9aba6627f5f8b5b3b9ef569b32de1b1bb7c6a22ba5bcd98f8eed34081e1ef3acd58f9808b40c4cb889
-
SSDEEP
1536:CnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:CGs8cd8eXlYairZYqMddH13b
-
Neconyd family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-