Overview

overview

10

Static

static

3

a5f9a9723f...68.exe

windows7-x64

10

a5f9a9723f...68.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a5f9a9723f445f7ecff9e5756004a81c8d7c35370fc1b721ac6285c7f4010868.exe

  • Size

    96KB

  • Sample

    250212-mvcmcsxrdk

  • MD5

    90b637875a749ac270736af19984375b

  • SHA1

    11b094408ee9254e527e8a778e3e384d3ac12ec7

  • SHA256

    a5f9a9723f445f7ecff9e5756004a81c8d7c35370fc1b721ac6285c7f4010868

  • SHA512

    44b0535f2118b0f1b0d91809e557ad01cadbdf1917e34f39b13542375f7b3132e5da8d88b63c833aeada839670db5871219b0cafcbf6a9f41ae1e86c3c70e603

  • SSDEEP

    1536:SnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxR:SGs8cd8eXlYairZYqMddH13R

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      a5f9a9723f445f7ecff9e5756004a81c8d7c35370fc1b721ac6285c7f4010868.exe

    • Size

      96KB

    • MD5

      90b637875a749ac270736af19984375b

    • SHA1

      11b094408ee9254e527e8a778e3e384d3ac12ec7

    • SHA256

      a5f9a9723f445f7ecff9e5756004a81c8d7c35370fc1b721ac6285c7f4010868

    • SHA512

      44b0535f2118b0f1b0d91809e557ad01cadbdf1917e34f39b13542375f7b3132e5da8d88b63c833aeada839670db5871219b0cafcbf6a9f41ae1e86c3c70e603

    • SSDEEP

      1536:SnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxR:SGs8cd8eXlYairZYqMddH13R

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks