General
-
Target
bedbc3159b68fe1491f189656f0260fe3d0c3a0d5f3b2e91ad937bad54e649ff.exe
-
Size
4.5MB
-
Sample
240522-cr5hvshb93
-
MD5
f94e3f147757e9824105fc69d9a074cb
-
SHA1
6e702d71b93d8dd86f7c3c3dbee27e0e5100d66b
-
SHA256
bedbc3159b68fe1491f189656f0260fe3d0c3a0d5f3b2e91ad937bad54e649ff
-
SHA512
a2be7aeed7037cab0e140b39b41bd42d97d766a41de8833e231d0dee0a01278a477a8670b787792986519a293d027012e3b8894b95b147e4c0e6761eafad650a
-
SSDEEP
98304:mg29ddykSDiFt/UBStZv9RAnlMM+kTv1OStMUsWWsuYiYxP35z:e9dd/SDQcBMinlCQ1OoM0ZuYhV3x
Static task
static1
Behavioral task
behavioral1
Sample
bedbc3159b68fe1491f189656f0260fe3d0c3a0d5f3b2e91ad937bad54e649ff.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bedbc3159b68fe1491f189656f0260fe3d0c3a0d5f3b2e91ad937bad54e649ff.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
bedbc3159b68fe1491f189656f0260fe3d0c3a0d5f3b2e91ad937bad54e649ff.exe
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Detects executables packed with VMProtect.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-