General
-
Target
953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489
-
Size
1.4MB
-
Sample
220521-m723sadcb2
-
MD5
7f9a498cc692f9f3f0cfe241c80e8ad8
-
SHA1
b5c3f7322da2c8b8ce0f473a26b54d057593162e
-
SHA256
953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489
-
SHA512
8fa1b099c07e5aa352a6c5d0288ffd1ce0c5208fda361bb0129c03fbc16d3a84d12fa6067d143e82795343d9c3c847e35ec6b6638373329467d9025933766db6
Static task
static1
Behavioral task
behavioral1
Sample
953367b0ce6b0ebf5dda2477828e5a7750b072700d9c96c29136f152d0c3f489.exe
Resource
win7-20220414-en
Malware Config
Extracted
socelars
http://www.nicekkk.pw/
http://www.nextinfo.pw/
http://www.allinfo.pw/
Targets
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-