General
-
Target
cae655fc698d3092fe07a588ddb6489f8da26c30942d9ef74823b47a722db092
-
Size
5.7MB
-
Sample
240616-nqqh4awanq
-
MD5
375efb9fabe93b91e6ea0e594b8a7abe
-
SHA1
25f1e913f6570fe318c3cab135925251e96b8740
-
SHA256
cae655fc698d3092fe07a588ddb6489f8da26c30942d9ef74823b47a722db092
-
SHA512
663598ebdd8d4aed6ac46a8aa722d88aa17526610bc8541fe690df3da1e8b08bb0acdd595002516dcf8e6dd6230f73ef79ac86b0b428913e83acaec40b8d6689
-
SSDEEP
98304:mxfH28i2/XvWzhsZQqK3ojnJTQ+ZfmYu9ui3yj+B7b5DglpOLoV3eYdAOpSwVe:CfW8i2HWzGY3ojnJlfmYuf3kEdgPOsuB
Static task
static1
Behavioral task
behavioral1
Sample
cae655fc698d3092fe07a588ddb6489f8da26c30942d9ef74823b47a722db092.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
cae655fc698d3092fe07a588ddb6489f8da26c30942d9ef74823b47a722db092.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
bfkqqoe.com
bunirfo.com
Targets
-
Target
cae655fc698d3092fe07a588ddb6489f8da26c30942d9ef74823b47a722db092
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-