Overview (score 3/10)
Static (score 3/10)
General
-
Target
70eecf035427dac4f870c958edaec8457f149f64d2360450b4ee5622d825c24b.zip.zip
-
Size
12.7MB
-
Sample
231107-rw3bmahg4x
-
MD5
760806de3c3e464998d1f2c4a75481f1
-
SHA1
f083440bfcac5cd2742e702868110a30a26a52bf
-
SHA256
d9b9820b03a2081f5575b05314fc7298b8a7d37250d40da04614e683607fd95f
-
SHA512
9a5d046eaf39d55d962cbb2489e037b1580ad56bd6b79e52a0d1e248ec03d129ea9de042bbf6a2703900ad13bba4283c8f3cff1a3cb389ab3f4e4d6c45282a27
-
SSDEEP
393216:KR++uKVlkmSy5nQTB1ItBnrAddxx8vB8/eNi:guKVlkmp5nQTUDbBoeNi
Static task
static1
Behavioral task
behavioral1
Sample
BINDInstall.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
BINDInstall.exe
Resource
win10v2004-20231025-en
Behavioral task
behavioral3
Sample
arpaname.exe
Resource
win7-20231025-en
Behavioral task
behavioral4
Sample
arpaname.exe
Resource
win10v2004-20231025-en
Behavioral task
behavioral5
Sample
bindevt.dll
Resource
win7-20231025-en
Behavioral task
behavioral6
Sample
bindevt.dll
Resource
win10v2004-20231020-en
Behavioral task
behavioral7
Sample
ddns-confgen.exe
Resource
win7-20231020-en
Behavioral task
behavioral8
Sample
ddns-confgen.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral9
Sample
dig.exe
Resource
win7-20231020-en
Behavioral task
behavioral10
Sample
dig.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral11
Sample
dnssec-dsfromkey.exe
Resource
win7-20231020-en
Behavioral task
behavioral12
Sample
dnssec-dsfromkey.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral13
Sample
dnssec-keyfromlabel.exe
Resource
win7-20231023-en
Behavioral task
behavioral14
Sample
dnssec-keyfromlabel.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral15
Sample
dnssec-keygen.exe
Resource
win7-20231020-en
Behavioral task
behavioral16
Sample
dnssec-keygen.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral17
Sample
dnssec-revoke.exe
Resource
win7-20231023-en
Behavioral task
behavioral18
Sample
dnssec-revoke.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral19
Sample
dnssec-settime.exe
Resource
win7-20231020-en
Behavioral task
behavioral20
Sample
dnssec-settime.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral21
Sample
dnssec-signzone.exe
Resource
win7-20231020-en
Behavioral task
behavioral22
Sample
dnssec-signzone.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral23
Sample
genrandom.exe
Resource
win7-20231023-en
Behavioral task
behavioral24
Sample
genrandom.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral25
Sample
host.exe
Resource
win7-20231023-en
Behavioral task
behavioral26
Sample
host.exe
Resource
win10v2004-20231020-en
Behavioral task
behavioral27
Sample
isc-hmac-fixup.exe
Resource
win7-20231020-en
Behavioral task
behavioral28
Sample
isc-hmac-fixup.exe
Resource
win10v2004-20231023-en
Behavioral task
behavioral29
Sample
libbind9.dll
Resource
win7-20231020-en
Behavioral task
behavioral30
Sample
libbind9.dll
Resource
win10v2004-20231023-en
Behavioral task
behavioral31
Sample
libdns.dll
Resource
win7-20231023-en
Behavioral task
behavioral32
Sample
libdns.dll
Resource
win10v2004-20231023-en
Malware Config
Targets
-
-
Target
BINDInstall.exe
-
Size
2.1MB
-
MD5
fef7e01ecc012c65312aa23ce6df3742
-
SHA1
114e8caf4353112c94cce701ac750e46c8334f88
-
SHA256
61ee7dbb52941df420578e57602f8f12d2c5607393646e0ae31c0548fb52cf93
-
SHA512
6f7a4548bec81961b20add3474d6f84bef9f6ce2593cd0cda7da4f12d0108fa5fd912eb406e39f9705a971be43a5102fb375d2ac0b097763be54aa071d71d0db
-
SSDEEP
24576:jPrY4zNJTGIib8PeEmT4seLU5pSNX5AmoQnRekxtITfb:jDTnGj8WqLNpzRC
Score
1/10
-
-
-
Target
arpaname.exe
-
Size
40KB
-
MD5
d0a4bd9cc7656dfe3d7bcc3de757c826
-
SHA1
9df7f7677b5f62f41c4ecc660641af5d7bd4ab59
-
SHA256
3604e5235059c72b0004acef51f9cc84bb65cc8917e5c178638ab92af6352d21
-
SHA512
89bd6a08481f61a2b5c6f4a0a1c0f3594ff08a356be5154af2ea92f9983c89fffb3376e0f5aaacd8c03bad59b4a42eb0b1ceee562de740529e0eb8ef8d93e710
-
SSDEEP
384:jWsaAWdbuqBOziF9FmP7NVT6vxwUbMDVR4s6oP:jWsrChBOzK94hVOmUCEWP
Score
1/10
-
-
-
Target
bindevt.dll
-
Size
448KB
-
MD5
432170879c1fa0e0fba90cd001a5f218
-
SHA1
818c4f72977448e4c2b4f63f199a90bfed9268df
-
SHA256
0742b6d6dd6b5e8ff8c628dae3a872e9328544e82237acff186b19937360b392
-
SHA512
38117c9afc602384285401b252a1f57c12b54996b9b74bd45d8434d9b8ad5b764cddadd1938ce000f2842e27b733b59f93b8984384f0f9e0999371029b999e36
-
SSDEEP
6144:PLyto9KMLecTR/bsUpbm97VQ8873FKBkDORsnb6ZYvZNdHiVXj:PLKo9PLecFTsU9m9E73FSRsnb6wLIj
Score
1/10
-
-
-
Target
ddns-confgen.exe
-
Size
48KB
-
MD5
a60e1b03d9b1762c855b5abe33038217
-
SHA1
5a1230b8524ecb63b7e7fe30a7db66fce46e9ce7
-
SHA256
bcbf209903103afaaf712f4d5e0beebdf05b3df253b6cd2b504e7b3d45b8f4c7
-
SHA512
0e475e7ffa18e35d8124119292613546c290ee376890ecc0b207556954fbc92228fbd526b88f8a02550cf4a6524bd08efc39d8db677884cedb4d9eb429700284
-
SSDEEP
768:7zLQRA7T5CzLHO4zOtLnm3baAjmUy5P4jwP:7QWub2YbBjmUy5H
Score
1/10
-
-
-
Target
dig.exe
-
Size
140KB
-
MD5
e901089bddc6e7dc789e9c2aff785784
-
SHA1
1f0b755d2e488d29d41725eb7406461a6f88fd72
-
SHA256
4852c28915d42ce97de5e247adbde27aceba8d2a4231c63d190d7dd79bcae266
-
SHA512
d60e0fbebac2e8e44c3a91ab6e4988002d6f1f9c50d9ff114a7e193ef657508e94baee02071ecf193180b2e33e8d23500b46da2ddcaee14191cec5bbe8e63152
-
SSDEEP
1536:iktNt2CYQ5fxSB8wsh3DUa9J3h4AsE4xVai4ObxDXSmU4Qhha:iiHxxSB8wZaHh4AsE6Vt4ObxDXSmU42
Score
1/10
-
-
-
Target
dnssec-dsfromkey.exe
-
Size
64KB
-
MD5
c824d42d5438d32073a57463bb1f71f2
-
SHA1
12cc6a640ce62a37d7f062db5b553334b23c81c2
-
SHA256
0520168059c5688d64c43b8f89bb642c9a4bb2ae350e91b4d377e543bd8b457e
-
SHA512
dbf44bd99f86a66267c33e09439c48cfa8ca3f8c0ce49c33d4e422cefd6228d207c269c1c1f7727be8ebd883f4c144fabf6bd648de5026aaf5a9ede4355eb90c
-
SSDEEP
768:ylpERL0ctQ6FSHkXcI6+0feGZzn1pUS7odmUveBiwP:E6FSHDI6+vG1pUSUdmUvC
Score
1/10
-
-
-
Target
dnssec-keyfromlabel.exe
-
Size
64KB
-
MD5
c0a78bfa8cbfcded9f8a2d5af06afbc8
-
SHA1
bcfc04ff3d22da8b9c6a166c0ea6b863b8053402
-
SHA256
f3eaaad631e28bd4c630fe607f582fc9cb6a6515034271d4a536d130fd6c812a
-
SHA512
5bd58edbdc662d112a77f77df6eb671fe70afc678673e6f8e44741eb406ee863c8a95536574f138b845920b2c6f40fdd1a7092d3be36a89d2ac2e3e6dd6720d1
-
SSDEEP
768:+7kX3Hvb55ncHgUwdsIM2Tw77EzSBeBd/eWtymUOK8wP:GknvbnQ3AsIM28dBeBd2mUOKp
Score
1/10
-
-
-
Target
dnssec-keygen.exe
-
Size
80KB
-
MD5
2e3b92f58d11d17e3e97344a98dbd72e
-
SHA1
6cb3a282004c9740bd5f0827e60828e3fe5f2805
-
SHA256
8763fb109b7141d81a2408ccaef9460a754fd1a85976ab4cb80733c5dc2d22e8
-
SHA512
e831dedf6b979909a541be46d560cc458bfffe895ea37527f66155e8329cc31cb245b39b93579c7e3f6ab7f2716fda4c3b9e45f54315ef601eb1c8da43278770
-
SSDEEP
768:qEaLmRLRoBrOFNn6Y5KnBUvzxo7og1d+JZ3KWgsXCVlimUaSwP:/aLnBSv6Yyeo7r1EJZ3KWgsXCamUaj
Score
1/10
-
-
-
Target
dnssec-revoke.exe
-
Size
60KB
-
MD5
ff47830443f8348874642509581d8e61
-
SHA1
59e1fb4671e803e275a60c2d87b3bc37bc8999b3
-
SHA256
f00ef5950ac98819fdc51f92943df2aa50eb156e19ce5406912e9ba3d654a522
-
SHA512
fa91badeb893880bd7c8c9fa84729daef6984111ea7fc15804e4103487cec7d999b22da7199b1c42c719684e86181ecb9aeaf152df64046bfcaf6d2979f4339e
-
SSDEEP
384:5AgHSEKHXO0Gmfhbs69sy6hzCnQvrZ2me+Xg76vxwU5g332mKYbsy6oP:mgMX08s6SyQzHrkI9mUi32mcwP
Score
1/10
-
-
-
Target
dnssec-settime.exe
-
Size
64KB
-
MD5
ff06b1eb25c27cc9334635cd16feb147
-
SHA1
61f868661597bb0413114bdd40c033f59b6b489c
-
SHA256
9c8e352c7974cf1049bf79a66d698b1ba01bbd44fa9690610b17191d65f09bf6
-
SHA512
379d5c64cb241126af386e8ae36387a32734095d1fe32bc84df09451b8ec100d06af8cffa6b0723591b2ff0d10717650b3a46f18fdf8da0816a8b0f03327aa93
-
SSDEEP
768:YqM6vIEOd4v6XUcK9vfIezqseIj6WKedmU4gzGwP:YqMxkcK9o/seIjFKOmU46
Score
1/10
-
-
-
Target
dnssec-signzone.exe
-
Size
132KB
-
MD5
87029f397d4a0a921809a63decea3430
-
SHA1
3d79554fb3442df7e4d782bbbba0b5badc3c42d1
-
SHA256
d196ef71a558e5e20801075d8fa1c8ae514ab2f3cb4bd9e4de8cd32e1b8eff1c
-
SHA512
3efc19d306d297c59712c056263b1535b71464fad4f00b708852f78fa689d0f75eb97df4b9d482bcc82f15eba6cfc8e6fd0299a0b4d1c60372a4791da47ffe1d
-
SSDEEP
1536:HJeJORe9qydigFMT5n1JVe6ihJdvCAfuRztSx4vXqNxr6D234GACGUKld6q:HJnRbvxwBmBaNxr6D234GACGUKld6
Score
1/10
-
-
-
Target
genrandom.exe
-
Size
40KB
-
MD5
43afafff2c8256ad210bf5eac7045c85
-
SHA1
8cc981f363f2f541d7cac371d92ab2a6ac9746f0
-
SHA256
e496040b8b62bf0e4aa8ed1f07eb2e8e1ad458464a19dd1d83dc6a2833ed97cb
-
SHA512
564a2a30ec16af427d7460d6d0ea0994a3134a5e7d2e59d845ad382bbba562b75135fe92638ac93ba20c2f4332f4cd6d580691960b637049957442d5a16db3b2
-
SSDEEP
384:DSuHRskrQsU5Ho04zu75yenQbywApPxwUbg8i+eK6dP:Dj2Z5HofzG55nwApGUd8NP
Score
1/10
-
-
-
Target
host.exe
-
Size
120KB
-
MD5
adea3e491c8cc86fb04ab4d303388916
-
SHA1
efa08d3cba30b4c9ea210a3cb1fb7d5514f7ccc8
-
SHA256
1a6dcd6026fc4fcb22b9b7cdf22eaa2005ecd2fa9b9fd351707b25aab2abb529
-
SHA512
59a7ccf3e23eb2573b327fb4dd5884801adcc44a3f5830ab3541dd11e895a2628b333ff99317fb8162c4db14ad5d042cee427f35a48bd6765be9b9f6eb504d61
-
SSDEEP
3072:OqftUWQD+v/05bGmA9tg4S0U8rbxD3YGUB1j:Zk605imA9tgatxD3Y1
Score
1/10
-
-
-
Target
isc-hmac-fixup.exe
-
Size
40KB
-
MD5
1bf9ff770c7c557fb710a6e7515d0302
-
SHA1
e16716f5b0e1654f04213dfdbdd76a8ccc3557ce
-
SHA256
1b5fb03cd9dbe105564ef05803e12f8e2ada0c189fed3be093a80f6d149900d3
-
SHA512
e22f1e0873270d21d8e43889825b7b6c67379a5235fbd6d80830a20bdf80fcb5c704a76cc26771516cfc1b8dfc7cd264c5fa6bf072d6f987a39ac108278fc5c4
-
SSDEEP
384:iZQ/KHVjJzr8AHfWjBuB6vxwUbT9uzRos6oP:i0kVjJzfu1mUlu2WP
Score
1/10
-
-
-
Target
libbind9.dll
-
Size
100KB
-
MD5
12c2dc6f1ab21ff548f3005b17e84002
-
SHA1
599c686941f39392601e403053953c18903b6f8b
-
SHA256
5322f3d5c686901ced7d7973fce71d0f404b2ee7bed853c1ca249d842dceaf56
-
SHA512
5f25c5281cf6517e5b0369c7bb46f32e276a478861de81dc8619a5b1ea73d463c550e9866de6f70b8043d126e78b0b3fde3fdd37f3101eebc4b17c00e46761d8
-
SSDEEP
1536:5k/8kJVZ4ARI6s1LXITMRhg3PTzOOcSmUIN3GmaV:28kJVZ4F1LYTMRu3PnOkmUId+
Score
1/10
-
-
-
Target
libdns.dll
-
Size
2.3MB
-
MD5
b255d82772b1e514c2f7606a495e3832
-
SHA1
b96545989707149bf4041c24be8161060071c3c3
-
SHA256
6a6bb14989de6beecdc3b9f5df20c9543149412883c738c2539ecf7acdb1405a
-
SHA512
97f370901302311ec3ec2aa484704cc2c6846c7a179f38d2eccbceb3456042173f6cb26c9142f9e7632f3fe5826fc0f64583e2362a45768106a118a66c85b4a4
-
SSDEEP
24576:iEhnCRsaAN4pSAYzYYY6sdWkKJbhqMR45AcalDhyzfsP6IqfgSnNlsmQsQ7:wXy4pSBV9hyzfsP6IqJlsmQs
Score
1/10
-