General
-
Target
b10e1e4e61f30bbb4d198093576da9867e723191e17527611fbcc1dad598e4f4
-
Size
4.8MB
-
Sample
240530-b798lsab6w
-
MD5
dbf10caf0035b25c6f6cc6326e0ffdb0
-
SHA1
6a5289643ab79833287953c97aa5e2f356678d07
-
SHA256
b10e1e4e61f30bbb4d198093576da9867e723191e17527611fbcc1dad598e4f4
-
SHA512
490aa898e35b1c8a843e4cb55bf4873a8526ce3dee24a1fe1a0ebf657c8628a3d54e08cc056564d8c110380f9da667a8e8420d28d3e645b2e6de5a70577cc04d
-
SSDEEP
98304:mXCHlrOgmZYrQ9GW+2kVU/zQ+fJEwKHv7r6:iCZOgZrQH5kV+xfKHv7r6
Static task
static1
Behavioral task
behavioral1
Sample
b10e1e4e61f30bbb4d198093576da9867e723191e17527611fbcc1dad598e4f4.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b10e1e4e61f30bbb4d198093576da9867e723191e17527611fbcc1dad598e4f4.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
b10e1e4e61f30bbb4d198093576da9867e723191e17527611fbcc1dad598e4f4
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Detects executables packed with VMProtect.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-