General

  • Target

    b93f27f9f9a43ca52a30a2a285190dc5f48396fdc426f39c53c7a821d74051b3

  • Size

    96KB

  • Sample

    250205-d3zx7axldz

  • MD5

    81ec813a24cad85f5b97baf9787fa631

  • SHA1

    0a1a7d728bac16c4ba8803e3d215805a2939503e

  • SHA256

    b93f27f9f9a43ca52a30a2a285190dc5f48396fdc426f39c53c7a821d74051b3

  • SHA512

    a257a07ed481d60a5a075091b75c98ecbe01e9fe84efe7b9371bba73e1829d19a3afb29d26ca017183cd924674e08fec195e0e8417d3490edd0823c8f9aaa4b5

  • SSDEEP

    1536:mnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:mGs8cd8eXlYairZYqMddH13L

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      b93f27f9f9a43ca52a30a2a285190dc5f48396fdc426f39c53c7a821d74051b3

    • Neconyd

      Neconyd is a trojan written in C++.

    • Neconyd family

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
