General
Target: 07c964041d145a223a9b5e4494ff19ac41bf65701ec81be2cd7251c153da65b2
Size: 4.5MB
Sample: 240617-h12q8azckg
MD5: 717eff8aa4240b2b6c292fd308891bcd
SHA1: e6588943cf87b612a957f000e763658d3f223d89
SHA256: 07c964041d145a223a9b5e4494ff19ac41bf65701ec81be2cd7251c153da65b2
SHA512: c89ea072fa16ca09cf5643104c052bd2fa5ee5b3ba55f17ea9c99e2ac1672062c56eaab3fff7f3542ba6dda36ee48d290d76f6e68e23c7765d12cb8cc6720a05
SSDEEP: 98304:mHS9cm8j9pCXSNMA5e3Dm2MdPyBkLbmRxXo5O/pBRX8u:4rzCCNMAn2MdPMkLmo5qPFJ
Static task: static1
Behavioral task: behavioral1
Sample: 07c964041d145a223a9b5e4494ff19ac41bf65701ec81be2cd7251c153da65b2.exe
Resource: win10v2004-20240226-en
Behavioral task: behavioral2
Sample: 07c964041d145a223a9b5e4494ff19ac41bf65701ec81be2cd7251c153da65b2.exe
Resource: win11-20240419-en
Malware Config
Extracted: socks5systemz
ezrogxn.ua
http://ezrogxn.ua/search/?q=67e28dd83a5da32a155afd1b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978a271ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ff717c0e7919c3d
bgouvpt.com
Targets
Target: 07c964041d145a223a9b5e4494ff19ac41bf65701ec81be2cd7251c153da65b2
Size: 4.5MB
MD5: 717eff8aa4240b2b6c292fd308891bcd
SHA1: e6588943cf87b612a957f000e763658d3f223d89
SHA256: 07c964041d145a223a9b5e4494ff19ac41bf65701ec81be2cd7251c153da65b2
SHA512: c89ea072fa16ca09cf5643104c052bd2fa5ee5b3ba55f17ea9c99e2ac1672062c56eaab3fff7f3542ba6dda36ee48d290d76f6e68e23c7765d12cb8cc6720a05
SSDEEP: 98304:mHS9cm8j9pCXSNMA5e3Dm2MdPyBkLbmRxXo5O/pBRX8u:4rzCCNMAn2MdPMkLmo5qPFJ
Score: 10/10
- Detect Socks5Systemz Payload
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination: network traffic to servers other than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.