Overview

overview

10

Static

static

3

f34eb99248...cN.exe

windows7-x64

10

f34eb99248...cN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f34eb9924850254d8ad5eb74c0c98e0c8d4f39b93dd9aadc74c20d72a3ef591cN.exe

  • Size

    96KB

  • Sample

    250120-xn7t2atpfv

  • MD5

    065819ff293446c42805e107e60b27f0

  • SHA1

    61e2b3344bb017cecbe99b200ba68c5492147d50

  • SHA256

    f34eb9924850254d8ad5eb74c0c98e0c8d4f39b93dd9aadc74c20d72a3ef591c

  • SHA512

    92a7da14d2a3ce97f96d1c52de18a1b6a4de3a078e6e671578893d5ad54b3b5da46f26fda01415fca15eeb1bb92c1f70d248f682bf3e48bcd795e3ed3d0cb5f1

  • SSDEEP

    1536:VnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:VGs8cd8eXlYairZYqMddH13L

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      f34eb9924850254d8ad5eb74c0c98e0c8d4f39b93dd9aadc74c20d72a3ef591cN.exe

    • Size

      96KB

    • MD5

      065819ff293446c42805e107e60b27f0

    • SHA1

      61e2b3344bb017cecbe99b200ba68c5492147d50

    • SHA256

      f34eb9924850254d8ad5eb74c0c98e0c8d4f39b93dd9aadc74c20d72a3ef591c

    • SHA512

      92a7da14d2a3ce97f96d1c52de18a1b6a4de3a078e6e671578893d5ad54b3b5da46f26fda01415fca15eeb1bb92c1f70d248f682bf3e48bcd795e3ed3d0cb5f1

    • SSDEEP

      1536:VnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:VGs8cd8eXlYairZYqMddH13L

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks