General
-
Target
f975dc2273e84a98c0af2c2505173d927490ee003da629b425301097d07684dd
-
Size
5.8MB
-
Sample
240615-p6hnvsvflp
-
MD5
16d9f80a5793f417dffedb5ebdbc778d
-
SHA1
0e485ef45e252c74b31623780a41c965757bf5c7
-
SHA256
f975dc2273e84a98c0af2c2505173d927490ee003da629b425301097d07684dd
-
SHA512
63d3eb500b42e39b57b9cec70d5449cc766680ecb4ee43ffb5e932e5d2250db890eb4d5ca3edbafef053a79995b8ea150b016d8375d1ce97490f2d68ed851e9b
-
SSDEEP
98304:mXiag0TfH/lu8OhDu8W98DiBJxvB6ezRs6bg6/V7LRaHj1HPk/vq/L4w2+9:erP/lu8Sd08WBJ3W6cYV71aHavqT4c9
Static task
static1
Behavioral task
behavioral1
Sample
f975dc2273e84a98c0af2c2505173d927490ee003da629b425301097d07684dd.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
f975dc2273e84a98c0af2c2505173d927490ee003da629b425301097d07684dd.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
bwybluf.com
bpeswcb.com
Targets
-
-
Target
f975dc2273e84a98c0af2c2505173d927490ee003da629b425301097d07684dd
-
Size
5.8MB
-
MD5
16d9f80a5793f417dffedb5ebdbc778d
-
SHA1
0e485ef45e252c74b31623780a41c965757bf5c7
-
SHA256
f975dc2273e84a98c0af2c2505173d927490ee003da629b425301097d07684dd
-
SHA512
63d3eb500b42e39b57b9cec70d5449cc766680ecb4ee43ffb5e932e5d2250db890eb4d5ca3edbafef053a79995b8ea150b016d8375d1ce97490f2d68ed851e9b
-
SSDEEP
98304:mXiag0TfH/lu8OhDu8W98DiBJxvB6ezRs6bg6/V7LRaHj1HPk/vq/L4w2+9:erP/lu8Sd08WBJ3W6cYV71aHavqT4c9
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-