General
Target: socks
Size: 420KB
Sample: 230303-rehkwshb8z
MD5: e85fa08c1ed20440363e2e44eced6299
SHA1: e0867a371a5c6bfdf6bd84470b188f0817b4d23a
SHA256: c1f5b88413bef3bc89aacd544847d5690fe17247b10d5922e59e4cbc6c37707e
SHA512: 73bc5a867c7b86f32257f43167c1816b9087a0fc6d70f1500194821abbdfcaddb4f79325e0b24837fabb9594284ff9bb7b180de5fc0264287a6345b146ffcfbf
SSDEEP: 6144:g/v3nlCZp4WBAo8+zcJHZNIp4id9q/7ygt2k/BFi+Vrh+Z6QFn5EzMJ1:E/lppJHwp5e/viEg6z81
Static task: static1
Behavioral task: behavioral1
Sample: socks.exe
Resource: win7-20230220-en
Malware Config
Extracted
systembc
31.222.238.58:4280
192.168.1.28:4280
Targets
Target
socks
Drops startup file
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext