General
-
Target
81ff59064aee2985951585849fdb1e72.exe
-
Size
2.0MB
-
Sample
240323-n31jtsfh23
-
MD5
81ff59064aee2985951585849fdb1e72
-
SHA1
86e8537fdec1a12be3a79318ef37ac8137edcbea
-
SHA256
6e8879c7cf7985de7664ac3d756fce01503d9d18fdef1bfdafd568a4cecde171
-
SHA512
8e7dcea7445b2f9ffd11991f700036a28f24df3d4b27b252dad829d844fefc25afdd2ce0b7112c71255421b4776b07e388d0d2f413f1177c6222b55e1fe2269d
-
SSDEEP
49152:32wTpneykPmxLYSeue04pW3bJr7yOtXXJBdb5v/gDe7D:mwTpnHJYSupW31KQXxF3gDc
Static task
static1
Behavioral task
behavioral1
Sample
81ff59064aee2985951585849fdb1e72.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
81ff59064aee2985951585849fdb1e72.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
socks5systemz
http://boqgvrr.com/search/?q=67e28dd83d5fa62d1358fa4d7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4de8889b5e4fa9281ae978ff71ea771795af8e05c645db22f31df92d8b38e316a667d307eca743ec4c2b07b52966923a668ff614c0ec92
http://boqgvrr.com/search/?q=67e28dd83d5fa62d1358fa4d7c27d78406abdd88be4b12eab517aa5c96bd86e9918e4c875a8bbc896c58e713bc90c91836b5281fc235a925ed3e5cd6bd974a95129070b616e96cc92be20ea778c255bbe258b90d3b4eed3233d1626a8ff810c1ee9c9f3bce68
http://ceedgfm.net/search/?q=67e28dd83a5da32a155afd1b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978a271ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ffe10c9ea95993c
http://ceedgfm.net/search/?q=67e28dd83a5da32a155afd1b7c27d78406abdd88be4b12eab517aa5c96bd86ee96854f855a8bbc896c58e713bc90c91936b5281fc235a925ed3e01d6bd974a95129070b616e96cc92be510b866db52b2e34aec4c2b14a82966836f23d7f210c7ee949b32c86f9511
Targets
-
-
Target
81ff59064aee2985951585849fdb1e72.exe
-
Size
2.0MB
-
MD5
81ff59064aee2985951585849fdb1e72
-
SHA1
86e8537fdec1a12be3a79318ef37ac8137edcbea
-
SHA256
6e8879c7cf7985de7664ac3d756fce01503d9d18fdef1bfdafd568a4cecde171
-
SHA512
8e7dcea7445b2f9ffd11991f700036a28f24df3d4b27b252dad829d844fefc25afdd2ce0b7112c71255421b4776b07e388d0d2f413f1177c6222b55e1fe2269d
-
SSDEEP
49152:32wTpneykPmxLYSeue04pW3bJr7yOtXXJBdb5v/gDe7D:mwTpnHJYSupW31KQXxF3gDc
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-