General
Target: 0a96f175b2b328338138ba70a74595a3b257554d6c39a80121e40f8249d754d5
Size: 4.8MB
Sample: 240620-2f1szazgrh
MD5: 7865eee30eca2363a8b0ae9b842de660
SHA1: b4577df2821d83c0289f071c51fd93f4759814a7
SHA256: 0a96f175b2b328338138ba70a74595a3b257554d6c39a80121e40f8249d754d5
SHA512: e76574b964eafdac8b3f8acb2af2c1382ade3a544f2c8289094330fdb0e982280f8190ca654c56a314c023b7db479a6821f44eb67462581d6a9ecc98abac2422
SSDEEP: 98304:mZLAwhPYtoJE7Q9nilctGKng6/r9pUzIx4VaS8XEd0qMO/gHkD0vu38wER7taWqw:8LA2JN9niytG/6jkzAK8XY0f8CG0vubS
Static task: static1
Behavioral task: behavioral1
  Sample: 0a96f175b2b328338138ba70a74595a3b257554d6c39a80121e40f8249d754d5.exe
  Resource: win7-20240508-en
Behavioral task: behavioral2
  Sample: 0a96f175b2b328338138ba70a74595a3b257554d6c39a80121e40f8249d754d5.exe
  Resource: win10-20240404-en
Malware Config
Extracted: socks5systemz
bhfbkva.com
  http://bhfbkva.com/search/?q=67e28dd86a5ba0284308f94b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f071ea771795af8e05c645db22f31df92d8b38e316a667d307eca743ec4c2b07b52966923a6f87fd13c8ef95
bdkgvqf.com
  http://bdkgvqf.com/search/?q=67e28dd8655bf57a4609f84c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa48e8889b5e4fa9281ae978ff71ea771795af8e05c645db22f31dfe339426fa11a366c350adb719a9577e55b8603e983a608ff718c2ed929333
Targets
Target: 0a96f175b2b328338138ba70a74595a3b257554d6c39a80121e40f8249d754d5
Score: 10/10
- Detect Socks5Systemz Payload
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination: network traffic to servers other than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.