Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1726f118cc86819c43bdcbe7d625ff051c530a2583ee07d445d6095580d9b72a.exe
-
Size
134KB
-
Sample
250202-aszb5ayqbm
-
MD5
099abb3081d65799fc9b40e3df5cd1a8
-
SHA1
ceb4f89461297162a73acd8ffc58b56e24109d5c
-
SHA256
1726f118cc86819c43bdcbe7d625ff051c530a2583ee07d445d6095580d9b72a
-
SHA512
a71ce8a1f65c9f3383d6dbc52fb9c208054bfb8cf2c0b06164325ad1764ca05cba86885a4b5f51f1c677a29966bf89626c4bda9e15e260ecd4ff12d488bb58b6
-
SSDEEP
1536:qDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCi/:MiRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Malware Config
Extracted
neconyd
http://ow5dirasuek.com/
http://mkkuei4kdsz.com/
http://lousta.net/
Targets
-
-
Target
1726f118cc86819c43bdcbe7d625ff051c530a2583ee07d445d6095580d9b72a.exe
-
Size
134KB
-
MD5
099abb3081d65799fc9b40e3df5cd1a8
-
SHA1
ceb4f89461297162a73acd8ffc58b56e24109d5c
-
SHA256
1726f118cc86819c43bdcbe7d625ff051c530a2583ee07d445d6095580d9b72a
-
SHA512
a71ce8a1f65c9f3383d6dbc52fb9c208054bfb8cf2c0b06164325ad1764ca05cba86885a4b5f51f1c677a29966bf89626c4bda9e15e260ecd4ff12d488bb58b6
-
SSDEEP
1536:qDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCi/:MiRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Score10/10-
Neconyd
Neconyd is a trojan written in C++.
-
Neconyd family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-