General
-
Target
72c9c78af1bcef44f131becb89ca8388.bin
-
Size
2.2MB
-
Sample
240325-cs1lasgd7z
-
MD5
9bd4e59f42396330103cb441f54c22db
-
SHA1
fcdbb6b423d4141cd39bf900c7b486f2a41cc4df
-
SHA256
d3070ae100f7b1fc897c06e54da231ce81806ba38c10b67b3391572fed9cc7a6
-
SHA512
f42730d9ba457f8b9649a8084a8a87b434a5f478c70d35f24bb702511456a727e16d1e53a655a31f408c5d9cd8e906179945f4496507bd8fe963c4854c2a382b
-
SSDEEP
49152:LRu2SMmDf2HSD6JYnuiXsTYvwh5X/LhQeMJO0hs:Fu2SPq26K1vwh5X/L2Aks
Static task
static1
Behavioral task
behavioral1
Sample
19f878573535fd072225a06e5fc283bc9925a79df1b795c25d6a01605966b4c5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
19f878573535fd072225a06e5fc283bc9925a79df1b795c25d6a01605966b4c5.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
socks5systemz
http://buicniz.com/search/?q=67e28dd86e58a42e450ca94d7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ee8889b5e4fa9281ae978f671ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ffe12c3ec969e33
Targets
-
-
Target
19f878573535fd072225a06e5fc283bc9925a79df1b795c25d6a01605966b4c5.exe
-
Size
2.2MB
-
MD5
72c9c78af1bcef44f131becb89ca8388
-
SHA1
9872f5fb908841d9fa25c38adb995bfcd392149b
-
SHA256
19f878573535fd072225a06e5fc283bc9925a79df1b795c25d6a01605966b4c5
-
SHA512
4e1c01064dbaad273b481382a8e26686a6da26f67926f0952deb25a0eca0e1275bab38b97bf7bcc484cdbf3f0141dd0612d8a2c72c21062af92c34f06dd38db0
-
SSDEEP
49152:324u9cVTBk4TTJnFFwcDPM1lvmUG6jmnyienM7svXncfe0fKdqSRehM:m4umV6QTJnFTY102jmyfM7sv+e0AqS0a
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-