General
-
Target
27ef05a18081377d08279b7337500eadcf6c60e461cb6e84d6d5d758afa696dc
-
Size
5.7MB
-
Sample
240616-m6lz6s1bqd
-
MD5
4b3144e3d1da066957fae23bf21af3ad
-
SHA1
88d2f91e7b275acf5871911361f0d0d6107db5c4
-
SHA256
27ef05a18081377d08279b7337500eadcf6c60e461cb6e84d6d5d758afa696dc
-
SHA512
91eb70c03afa01ae9961e786de14c478dfbb86d0e67f921d18a24466c04fe552c6e74130a49a9fce8f28e11cd085f64dafe78989d81cfdaa283e90bda3a042c9
-
SSDEEP
98304:mr/spdnkYV+XuyinXJbAGy8In6Z4/O4Q2dk8Dc8VsoEVQlse:usLkYV+XPAX1Zyx6Z4/OT8fV+E
Static task
static1
Behavioral task
behavioral1
Sample
27ef05a18081377d08279b7337500eadcf6c60e461cb6e84d6d5d758afa696dc.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
27ef05a18081377d08279b7337500eadcf6c60e461cb6e84d6d5d758afa696dc.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
besdlcu.com
ccixdim.net
Targets
-
-
Target
27ef05a18081377d08279b7337500eadcf6c60e461cb6e84d6d5d758afa696dc
-
Size
5.7MB
-
MD5
4b3144e3d1da066957fae23bf21af3ad
-
SHA1
88d2f91e7b275acf5871911361f0d0d6107db5c4
-
SHA256
27ef05a18081377d08279b7337500eadcf6c60e461cb6e84d6d5d758afa696dc
-
SHA512
91eb70c03afa01ae9961e786de14c478dfbb86d0e67f921d18a24466c04fe552c6e74130a49a9fce8f28e11cd085f64dafe78989d81cfdaa283e90bda3a042c9
-
SSDEEP
98304:mr/spdnkYV+XuyinXJbAGy8In6Z4/O4Q2dk8Dc8VsoEVQlse:usLkYV+XPAX1Zyx6Z4/OT8fV+E
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-