General
-
Target
a6af8739ed0501065fb73c3ffee24be4e20be7c4f048191efe1c83619a73f99c
-
Size
4.8MB
-
Sample
240614-rh24psxflq
-
MD5
ca7d1c13e28753bdc617da3b0b433ed9
-
SHA1
4c0a3218e2ec23689bc7a144b99326bb7bca63d6
-
SHA256
a6af8739ed0501065fb73c3ffee24be4e20be7c4f048191efe1c83619a73f99c
-
SHA512
c06bdc5ff0a79108b79a536e8c8a0539c50684230eb079bfcb45adb795173fe478d907fae55b501912bef0cbe3663987ba8208181e99961e28a2f6f17ed8fc77
-
SSDEEP
98304:mYtUeQXqyNUVoiLn87G/zrSL19yCDg+JwRXt3kdESEV:X7y6VoiL86/o19yCrwR5kmSEV
Static task
static1
Behavioral task
behavioral1
Sample
a6af8739ed0501065fb73c3ffee24be4e20be7c4f048191efe1c83619a73f99c.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
a6af8739ed0501065fb73c3ffee24be4e20be7c4f048191efe1c83619a73f99c.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
cceasix.net
aahznzk.ru
Targets
-
-
Target
a6af8739ed0501065fb73c3ffee24be4e20be7c4f048191efe1c83619a73f99c
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-