General
-
Target
2106dfc082f77329cc1f6bc49342252a7e261a496e97046519aaeab9b61d09beN.exe
-
Size
96KB
-
Sample
250121-f6f1laylg1
-
MD5
321909c591b4066fc06703effea9a2d0
-
SHA1
47b843e133c66949d6f6b38ba6df870d624486b9
-
SHA256
2106dfc082f77329cc1f6bc49342252a7e261a496e97046519aaeab9b61d09be
-
SHA512
9dcbf4fb3bb4c3bfcdfda9f12e5cf89e46f80ee4d0ddd5a535138c703fdbbc24198e20175d71ee065f8ec579e54a700c1414ff143fc72fdee6ebe7ad8dcf9ad3
-
SSDEEP
1536:rnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:rGs8cd8eXlYairZYqMddH13L
Static task
static1
Behavioral task
behavioral1
Sample
2106dfc082f77329cc1f6bc49342252a7e261a496e97046519aaeab9b61d09beN.exe
Resource
win7-20240903-en
Malware Config
Extracted
neconyd
http://ow5dirasuek.com/
http://mkkuei4kdsz.com/
http://lousta.net/
Targets
-
-
Target
2106dfc082f77329cc1f6bc49342252a7e261a496e97046519aaeab9b61d09beN.exe
-
Size
96KB
-
MD5
321909c591b4066fc06703effea9a2d0
-
SHA1
47b843e133c66949d6f6b38ba6df870d624486b9
-
SHA256
2106dfc082f77329cc1f6bc49342252a7e261a496e97046519aaeab9b61d09be
-
SHA512
9dcbf4fb3bb4c3bfcdfda9f12e5cf89e46f80ee4d0ddd5a535138c703fdbbc24198e20175d71ee065f8ec579e54a700c1414ff143fc72fdee6ebe7ad8dcf9ad3
-
SSDEEP
1536:rnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:rGs8cd8eXlYairZYqMddH13L
-
Neconyd family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-