General
-
Target
922d64dac627972919d65f4fcd62d61302e33d54aac7f2187b0bca74e4351768
-
Size
5.8MB
-
Sample
240615-r5m83athme
-
MD5
bc99d6695c5aeeb6943e3de3a6a43fef
-
SHA1
d2a65f6d0ef744daa5101d82be2385e2f22d4f6b
-
SHA256
922d64dac627972919d65f4fcd62d61302e33d54aac7f2187b0bca74e4351768
-
SHA512
32672bca4781bee848dca15eb9dedf49849ec18761d20ed532ad906531aad7c9fbec8a222a6eb42186648a538d33807eb77e0dbbea8876b7a20ea75e33958f51
-
SSDEEP
98304:mWAwd08drb+XMfqbphA2KezqHpLooEYebQ8qeSm8yKSI/su7bcRN21:d/gphpKezw1EYebIeSmDKSI/VPcRs1
Static task
static1
Behavioral task
behavioral1
Sample
922d64dac627972919d65f4fcd62d61302e33d54aac7f2187b0bca74e4351768.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral2
Sample
922d64dac627972919d65f4fcd62d61302e33d54aac7f2187b0bca74e4351768.exe
Resource
win11-20240611-en
Malware Config
Extracted
socks5systemz
cczrvxt.net
http://cczrvxt.net/search/?q=67e28dd83f08f52f150eab187c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ae8889b5e4fa9281ae978f471ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ff715c6ed9d9d3f
aaobuny.ru
http://aaobuny.ru/search/?q=67e28dd83f0fa67d125ca51e7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa1de8889b5e4fa9281ae978f371ea771795af8e05c645db22f31dfe339426fa12a466c553adb719a9577e55b8603e983a608ff715c6ed9d9d39
http://aaobuny.ru/search/?q=67e28dd83f0fa67d125ca51e7c27d78406abdd88be4b12eab517aa5c96bd86e59d8e4896148ab2865b77f80ebad9950f7cb63037ed2ab423a4364383ba915d911ec07bb606a0708727e40ea678c751bbe34efb0e2807e12571c17f3e83fe16c1e7919c39c56894
Targets
Target
922d64dac627972919d65f4fcd62d61302e33d54aac7f2187b0bca74e4351768
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-