General
-
Target
b778e209008c767594504da6da6561a1dbd2f29bb5e7af80c5c9aa01a4751663
-
Size
4.4MB
-
Sample
240613-3w7rwszelj
-
MD5
50c802b1e6345cd8665c3fd4c4fa7ceb
-
SHA1
fbab3a6fffcafa02a1b2ef90273abb9926455170
-
SHA256
b778e209008c767594504da6da6561a1dbd2f29bb5e7af80c5c9aa01a4751663
-
SHA512
88b9a35648641bdc382e2aec27eaef7a56fef9808f28af8af03f7fb4b0895e19296a6d181b20bd7f5774c1f759dbf6f2ab3632060decc3d3f2c8f8a07cbc6e5d
-
SSDEEP
98304:myoSu22YSxeLaFcEb+Q7fNdsbOAxaL3DtN2pp2f+nR/CES2CoU:hoSu22YSx7GEb9jNdGxaL3Dapp2SjS2Q
Static task
static1
Behavioral task
behavioral1
Sample
b778e209008c767594504da6da6561a1dbd2f29bb5e7af80c5c9aa01a4751663.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b778e209008c767594504da6da6561a1dbd2f29bb5e7af80c5c9aa01a4751663.exe
Resource
win10-20240404-en
Malware Config
Extracted
socks5systemz
ezmblol.ua
http://ezmblol.ua/search/?q=67e28dd83955a42b4006aa1b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ee8889b5e4fa9281ae978f671ea771795af8e05c645db22f31df92d8b38e316a667d307eca743ec4c2b07b52966923a6f8dfd13c8eb91
cejglwy.net
http://cejglwy.net/search/?q=67e28dd8655bf57a4609f84c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa48e8889b5e4fa9281ae978ff71ea771795af8e05c645db22f31dfe339426fa11a366c350adb719a9577e55b8603e983a608ff712c2ed9d9e39
Targets
-
-
Target
b778e209008c767594504da6da6561a1dbd2f29bb5e7af80c5c9aa01a4751663
-
Size
4.4MB
-
MD5
50c802b1e6345cd8665c3fd4c4fa7ceb
-
SHA1
fbab3a6fffcafa02a1b2ef90273abb9926455170
-
SHA256
b778e209008c767594504da6da6561a1dbd2f29bb5e7af80c5c9aa01a4751663
-
SHA512
88b9a35648641bdc382e2aec27eaef7a56fef9808f28af8af03f7fb4b0895e19296a6d181b20bd7f5774c1f759dbf6f2ab3632060decc3d3f2c8f8a07cbc6e5d
-
SSDEEP
98304:myoSu22YSxeLaFcEb+Q7fNdsbOAxaL3DtN2pp2f+nR/CES2CoU:hoSu22YSx7GEb9jNdGxaL3Dapp2SjS2Q
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-