General
-
Target
6e08ed3b9a5575b1eb4501fa28a9b0fa9f022dbd459de13d6a164f67418ad0c5
-
Size
2.0MB
-
Sample
240323-stchvsbe8t
-
MD5
245feb1863027e245b3de9957ae20ae6
-
SHA1
17ca0ff141577f13e1c5194c03f49c894037a709
-
SHA256
6e08ed3b9a5575b1eb4501fa28a9b0fa9f022dbd459de13d6a164f67418ad0c5
-
SHA512
0f0470294de37c2988c66b0268f85108e5c4f641d6df0beba6198e1d60401fd992929c158f20aacc515af192af1a2ca2a27cf8f4a599fd840c38010c5b19c2e9
-
SSDEEP
49152:326cyROWJGguankmaHmFxdPr9Pz/I4pHCH:mFyLYAkmaGBPJzCH
Static task
static1
Behavioral task
behavioral1
Sample
6e08ed3b9a5575b1eb4501fa28a9b0fa9f022dbd459de13d6a164f67418ad0c5.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
6e08ed3b9a5575b1eb4501fa28a9b0fa9f022dbd459de13d6a164f67418ad0c5.exe
Resource
win11-20240214-en
Malware Config
Extracted
socks5systemz
http://bdzdhvc.com/search/?q=67e28dd86c0ea7794406f94d7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa44e8889b5e4fa9281ae978f671ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ffe13c0e8909e3a
http://bwwkjni.com/search/?q=67e28dd83a58f22a160bab1e7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978a071ea771795af8e05c645db22f31dfe339426fa12a466c553adb719a9577e55b8603e983a608ffe13c0e8909e39
Targets
-
-
Target
6e08ed3b9a5575b1eb4501fa28a9b0fa9f022dbd459de13d6a164f67418ad0c5
-
Size
2.0MB
-
MD5
245feb1863027e245b3de9957ae20ae6
-
SHA1
17ca0ff141577f13e1c5194c03f49c894037a709
-
SHA256
6e08ed3b9a5575b1eb4501fa28a9b0fa9f022dbd459de13d6a164f67418ad0c5
-
SHA512
0f0470294de37c2988c66b0268f85108e5c4f641d6df0beba6198e1d60401fd992929c158f20aacc515af192af1a2ca2a27cf8f4a599fd840c38010c5b19c2e9
-
SSDEEP
49152:326cyROWJGguankmaHmFxdPr9Pz/I4pHCH:mFyLYAkmaGBPJzCH
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-