General
-
Target
d26becc92e558dc546498843797b1a3c1c3b20d99b6cd3fcf88e0c6e7624ca77
-
Size
2.0MB
-
Sample
240324-rqz93sdb84
-
MD5
0cdb90a1aadeaef6bb78fe3fc3d3300b
-
SHA1
592924eef622d15aee1fd290b92c023e40c9e7f8
-
SHA256
d26becc92e558dc546498843797b1a3c1c3b20d99b6cd3fcf88e0c6e7624ca77
-
SHA512
ebe3e36862375a823e5bb9f5c4097484f040c0eb9fa857e0d25a614b2aec8317a797642875a26a51ab12defb890a3fc25edc299a0606d22b59ad527fc7542843
-
SSDEEP
49152:32f3aT1Sfzs2xz2eAphOOlzjikYsqoRtVHtr25LVkI:mvo8soz2eAiOhYsq2125BkI
Static task
static1
Behavioral task
behavioral1
Sample
d26becc92e558dc546498843797b1a3c1c3b20d99b6cd3fcf88e0c6e7624ca77.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
d26becc92e558dc546498843797b1a3c1c3b20d99b6cd3fcf88e0c6e7624ca77.exe
Resource
win11-20240221-en
Malware Config
Extracted
socks5systemz
http://aaeyoje.ru/search/?q=67e28dd8685ff32d4309f94d7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4de8889b5e4fa9281ae978f771ea771795af8e05c647db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ffe13c9ef969e3e
http://boomsuz.com/search/?q=67e28dd83a0ba47b435ca84a7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa1ee8889b5e4fa9281ae978a071ea771795af8e05c647db22f31dfe339426fa12a466c553adb719a9577e55b8603e983a608ffe13c9ef969e3f
Targets
-
-
Target
d26becc92e558dc546498843797b1a3c1c3b20d99b6cd3fcf88e0c6e7624ca77
-
Size
2.0MB
-
MD5
0cdb90a1aadeaef6bb78fe3fc3d3300b
-
SHA1
592924eef622d15aee1fd290b92c023e40c9e7f8
-
SHA256
d26becc92e558dc546498843797b1a3c1c3b20d99b6cd3fcf88e0c6e7624ca77
-
SHA512
ebe3e36862375a823e5bb9f5c4097484f040c0eb9fa857e0d25a614b2aec8317a797642875a26a51ab12defb890a3fc25edc299a0606d22b59ad527fc7542843
-
SSDEEP
49152:32f3aT1Sfzs2xz2eAphOOlzjikYsqoRtVHtr25LVkI:mvo8soz2eAiOhYsq2125BkI
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-