General
-
Target
6cb361b6d9f4eed70fbeb3a482a70d8cabce818b17b3a710c00545a1e7cde753
-
Size
5.0MB
-
Sample
240613-wsjsbs1glp
-
MD5
bf46096f503cf0646b2c10b35314198d
-
SHA1
8424f8aa14259c1c2799c923524d911e2643e60e
-
SHA256
6cb361b6d9f4eed70fbeb3a482a70d8cabce818b17b3a710c00545a1e7cde753
-
SHA512
1032964ef54d635ab3b4f885d4c0863f8ecdd6a511f40e568f0002f901b707ef35d1427990b1c5e002c9fba4f77d701e0245b8b217cad944deb922194190c5aa
-
SSDEEP
98304:mipB02MM+0mSejnGC3Ip83nTGFR8JpMp0AaduZ2c3QSy5iEYDKZZ4YCKe:D02V+0mbJp3jdU2cAljYD84Ys
Static task
static1
Behavioral task
behavioral1
Sample
6cb361b6d9f4eed70fbeb3a482a70d8cabce818b17b3a710c00545a1e7cde753.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
6cb361b6d9f4eed70fbeb3a482a70d8cabce818b17b3a710c00545a1e7cde753.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
ccewzwd.net
bhhbswy.com
Targets
-
-
Target
6cb361b6d9f4eed70fbeb3a482a70d8cabce818b17b3a710c00545a1e7cde753
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-