General
-
Target
c47d5896a93e2acec0d0478db28095b5c1fed99024eef398c4c597702ee1e7a3
-
Size
5.7MB
-
Sample
240616-psdgzsxejm
-
MD5
465c9f4d0f34411c20e8ff13bda761a0
-
SHA1
ef6765ea185a86214728ebc4a105a1fffb0c9075
-
SHA256
c47d5896a93e2acec0d0478db28095b5c1fed99024eef398c4c597702ee1e7a3
-
SHA512
0593a4bcb19ffeb30c1611f0624f81ef84040e6186251d9b6149a7e1cd0c16b5feee068b9f2d32f50e95fe87e5466b04dd318856f567b678ff089a1a2e62cf17
-
SSDEEP
98304:mS5ulb5++tjSegYejhAX1AICM7J6f7RVmA+BQBETbk41BqEx4e:jMY+tGe93+g7wf7RIA+DBqEx5
Static task
static1
Behavioral task
behavioral1
Sample
c47d5896a93e2acec0d0478db28095b5c1fed99024eef398c4c597702ee1e7a3.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
c47d5896a93e2acec0d0478db28095b5c1fed99024eef398c4c597702ee1e7a3.exe
Resource
win11-20240419-en
Malware Config
Extracted
socks5systemz
csmgbkb.net
bebipdb.com
Targets
-
-
Target
c47d5896a93e2acec0d0478db28095b5c1fed99024eef398c4c597702ee1e7a3
-
Size
5.7MB
-
MD5
465c9f4d0f34411c20e8ff13bda761a0
-
SHA1
ef6765ea185a86214728ebc4a105a1fffb0c9075
-
SHA256
c47d5896a93e2acec0d0478db28095b5c1fed99024eef398c4c597702ee1e7a3
-
SHA512
0593a4bcb19ffeb30c1611f0624f81ef84040e6186251d9b6149a7e1cd0c16b5feee068b9f2d32f50e95fe87e5466b04dd318856f567b678ff089a1a2e62cf17
-
SSDEEP
98304:mS5ulb5++tjSegYejhAX1AICM7J6f7RVmA+BQBETbk41BqEx4e:jMY+tGe93+g7wf7RIA+DBqEx5
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-