Overview

overview

10

Static

static

3

caa395205d...0N.exe

windows7-x64

10

caa395205d...0N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    caa395205da0af9e4626100ad4e6487cd545b013ca431286c4031083064f3680N.exe

  • Size

    96KB

  • Sample

    250121-mes96syrdj

  • MD5

    708cabe5570c1688b17002a97837de90

  • SHA1

    eb4a4b14b32128274e404966763f7b49d24f6b4a

  • SHA256

    caa395205da0af9e4626100ad4e6487cd545b013ca431286c4031083064f3680

  • SHA512

    007241ba219fe352531d781c51599bf865087e1a83a84c731f7afced2136bc991522801132be724484a7eb6c044c90bbf1270d4b37241cb05e142a20a96678d6

  • SSDEEP

    1536:3nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxu:3Gs8cd8eXlYairZYqMddH13u

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      caa395205da0af9e4626100ad4e6487cd545b013ca431286c4031083064f3680N.exe

    • Size

      96KB

    • MD5

      708cabe5570c1688b17002a97837de90

    • SHA1

      eb4a4b14b32128274e404966763f7b49d24f6b4a

    • SHA256

      caa395205da0af9e4626100ad4e6487cd545b013ca431286c4031083064f3680

    • SHA512

      007241ba219fe352531d781c51599bf865087e1a83a84c731f7afced2136bc991522801132be724484a7eb6c044c90bbf1270d4b37241cb05e142a20a96678d6

    • SSDEEP

      1536:3nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxu:3Gs8cd8eXlYairZYqMddH13u

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks