General

  • Target

    05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8eaN.exe

  • Size

    316KB

  • Sample

    250208-jmaagstjhv

  • MD5

    b3530d6ad93fa9abfcf1707e42fe7710

  • SHA1

    796fb8a6d16ddba69cfaf1ce5cfb57fd5eb689d2

  • SHA256

    05fae45a3ced7b2ea7efab6b5e3c7789b6f87a3758ad393d00e50f18964dd8ea

  • SHA512

    a5c3779835e0f64d476c30003810d3c717afd934a1a2666d0e69d9edb691783b36cbbb934bf102b341a73c74b537b84df1fe4e24593fadace4fb81eb6641ba07

  • SSDEEP

    1536:u4d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZUnOHBRzU:uIdseIO+EZEyFjEOFqTiQmKnOHjzU

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Neconyd family

    • Downloads MZ/PE file

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
