General
-
Target
0f584bf26dc594bd1a0c2a1e2e92bcf4a10698b17772f9bb46b6e5362f8ed864
-
Size
4.4MB
-
Sample
240619-hgfdwazfmk
-
MD5
2efe75d0cee52a2f5a5af3863127b66c
-
SHA1
411be6da8250df37d692a9a0924faaf339bbf065
-
SHA256
0f584bf26dc594bd1a0c2a1e2e92bcf4a10698b17772f9bb46b6e5362f8ed864
-
SHA512
3716bef9dc2a48152de4d40e0c34f2228cfd2d547d3aca2198c336d4e02db60f7f44d0c41b5f8a4c41541cb9faba469276848d6118f115a57e951e30ba38e963
-
SSDEEP
98304:mUcipYSMpaMN12Lshswu4gGMn/ZS0fZN28WT4NFmTzHn:spSMpaq12LsTu4mn/cIZN28M4NFuH
Static task
static1
Behavioral task
behavioral1
Sample
0f584bf26dc594bd1a0c2a1e2e92bcf4a10698b17772f9bb46b6e5362f8ed864.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
0f584bf26dc594bd1a0c2a1e2e92bcf4a10698b17772f9bb46b6e5362f8ed864.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
cctsddl.net
bhiujdt.com
Targets
-
Target
0f584bf26dc594bd1a0c2a1e2e92bcf4a10698b17772f9bb46b6e5362f8ed864
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-