Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4.exe
-
Size
96KB
-
Sample
250120-gw92csvqbk
-
MD5
8fc5f68cde19d34cf651fc419d9e231e
-
SHA1
ad35d560d15cb94f688f6caeceb72dce1870f059
-
SHA256
6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4
-
SHA512
86a8dc65e2f15ca424059ea67235a4b183fc7a3986b87495ebf114d7a665187032f7f226b72d2dee26fb4692b42c6a6bc213184c3717c18847ee71797a7f0aa5
-
SSDEEP
1536:LnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx6:LGs8cd8eXlYairZYqMddH136
Malware Config
Extracted
neconyd
http://ow5dirasuek.com/
http://mkkuei4kdsz.com/
http://lousta.net/
Targets
-
-
Target
6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4.exe
-
Size
96KB
-
MD5
8fc5f68cde19d34cf651fc419d9e231e
-
SHA1
ad35d560d15cb94f688f6caeceb72dce1870f059
-
SHA256
6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4
-
SHA512
86a8dc65e2f15ca424059ea67235a4b183fc7a3986b87495ebf114d7a665187032f7f226b72d2dee26fb4692b42c6a6bc213184c3717c18847ee71797a7f0aa5
-
SSDEEP
1536:LnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx6:LGs8cd8eXlYairZYqMddH136
Score10/10-
Neconyd
Neconyd is a trojan written in C++.
-
Neconyd family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-