General
Target: 81ff59064aee2985951585849fdb1e72.bin
Size: 1.9MB
Sample: 240325-dca65shb5v
MD5: 5912968bf47ffc9e781895e2eb173768
SHA1: 44c2a825317114b0e187dd63a9393b8eb731da9a
SHA256: 70b2b63a5a162b85da9531d1b505c207817e05835875f7fa51049a91ffab8b75
SHA512: 2baeef6a9ad20338d2864b1b4470e62a8b298df8e441114a82c3e6e55a89ab9ecc304b8efce6b887b6d3c0332585de285bd7ddc258b0c33a5391112d159eb2f8
SSDEEP: 49152:5cBf6nyz9bm/yE6k4Ti1s3u33ujpLJQhA3Z:5cx6yz5m/V6tkl6TZ
Static task: static1
Behavioral task: behavioral1
Sample: 6e8879c7cf7985de7664ac3d756fce01503d9d18fdef1bfdafd568a4cecde171.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 6e8879c7cf7985de7664ac3d756fce01503d9d18fdef1bfdafd568a4cecde171.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
socks5systemz
http://ckhkcdd.net/search/?q=67e28dd83958f721120bac1a7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4fe8889b5e4fa9281ae978f471ea771795af8e05c645db22f31df92d8b38e316a667d307eca743ec4c2b07b52966923a668dfc14c1ea96
http://ckhkcdd.net/search/?q=67e28dd83958f721120bac1a7c27d78406abdd88be4b12eab517aa5c96bd86ee90814b805a8bbc896c58e713bc90c91a36b5281fc235a925ed3e57d6bd974a95129070b616e96cc92be20ea778c255bbe258b90d3b4eed3233d1626a8ff810c1ec969f3ac86c
http://ccwcnlz.net/search/?q=67e28dd8655aa729110daa1b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978a771ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ffe12c3ea949f3e
Targets
Target: 6e8879c7cf7985de7664ac3d756fce01503d9d18fdef1bfdafd568a4cecde171.exe
Size: 2.0MB
MD5: 81ff59064aee2985951585849fdb1e72
SHA1: 86e8537fdec1a12be3a79318ef37ac8137edcbea
SHA256: 6e8879c7cf7985de7664ac3d756fce01503d9d18fdef1bfdafd568a4cecde171
SHA512: 8e7dcea7445b2f9ffd11991f700036a28f24df3d4b27b252dad829d844fefc25afdd2ce0b7112c71255421b4776b07e388d0d2f413f1177c6222b55e1fe2269d
SSDEEP: 49152:32wTpneykPmxLYSeue04pW3bJr7yOtXXJBdb5v/gDe7D:mwTpnHJYSupW31KQXxF3gDc
Score: 10/10
Detect Socks5Systemz Payload
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
    Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.