Overview

overview

10

Static

static

3

2d0f540894...5N.exe

windows7-x64

10

2d0f540894...5N.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2d0f540894feefe53186ebf6ae7dbfe2a94e5a3ae82c30d68e29f321774b2245N.exe

  • Size

    96KB

  • Sample

    250216-ctk71axkam

  • MD5

    d45151a076145f6ebc39bc422b3ec890

  • SHA1

    35790c71e91a457ccc2f635d51127b61f6dd5080

  • SHA256

    2d0f540894feefe53186ebf6ae7dbfe2a94e5a3ae82c30d68e29f321774b2245

  • SHA512

    c6278b8cb886ec3dd01ecc83dd8e51fb4946ae7bf74696b6d2b123cfc761404f7a203ce92f89ae516f4d4d27accbe69af8f748472e0982f6023eb2c4e7f1fcec

  • SSDEEP

    1536:GnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:GGs8cd8eXlYairZYqMddH13b

Score
10/10
neconyddiscoverytrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      2d0f540894feefe53186ebf6ae7dbfe2a94e5a3ae82c30d68e29f321774b2245N.exe

    • Size

      96KB

    • MD5

      d45151a076145f6ebc39bc422b3ec890

    • SHA1

      35790c71e91a457ccc2f635d51127b61f6dd5080

    • SHA256

      2d0f540894feefe53186ebf6ae7dbfe2a94e5a3ae82c30d68e29f321774b2245

    • SHA512

      c6278b8cb886ec3dd01ecc83dd8e51fb4946ae7bf74696b6d2b123cfc761404f7a203ce92f89ae516f4d4d27accbe69af8f748472e0982f6023eb2c4e7f1fcec

    • SSDEEP

      1536:GnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxb:GGs8cd8eXlYairZYqMddH13b

    Score
    10/10
    neconyddiscoverytrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Neconyd family

      neconyd

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks