General
-
Target
7d19a64a4f75ddd2fc4928824b30c93da7a8bf541197f2fcdb1bd6d5578aea4d
-
Size
5.0MB
-
Sample
240615-bx3e1svalc
-
MD5
e24847f922280da04837c2865a5e55ed
-
SHA1
fe6c0d634ecf3a8df9f9a76611891dcb038b7bb0
-
SHA256
7d19a64a4f75ddd2fc4928824b30c93da7a8bf541197f2fcdb1bd6d5578aea4d
-
SHA512
2c4b90a00b6a4aa3e82732d79e63ed2215295c0368a03d2140fdc33b911be1fc0cdb55e87021898b0a56cb71a778963830eb5ec866d837dde6b5189081b3c57f
-
SSDEEP
98304:mC5dTzAO3oYq8kbeJ0U9DSnGEOzaIiUvvYb6jpi/vXDtVr6/C:f5dTzAO3K7e2U9SnGdeIiwg4QTnG/C
Static task
static1
Behavioral task
behavioral1
Sample
7d19a64a4f75ddd2fc4928824b30c93da7a8bf541197f2fcdb1bd6d5578aea4d.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
7d19a64a4f75ddd2fc4928824b30c93da7a8bf541197f2fcdb1bd6d5578aea4d.exe
Resource
win11-20240419-en
Malware Config
Extracted
socks5systemz
ckdnnei.net
bohdhaa.com
Targets
-
-
Target
7d19a64a4f75ddd2fc4928824b30c93da7a8bf541197f2fcdb1bd6d5578aea4d
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-