General
- Target: 92e47b3372d7f1cb0f8166ffdf903829f77609a0e09b3d86009e04e4f1ac2c36
- Size: 5.0MB
- Sample: 240620-2wycsa1fqa
- MD5: 96aec38b0602ba9f2039dd4983f99ea8
- SHA1: bd6faba84fcff40b621afb567df90faa3d1fe499
- SHA256: 92e47b3372d7f1cb0f8166ffdf903829f77609a0e09b3d86009e04e4f1ac2c36
- SHA512: de1072f46e5778e998d476537a531c242bd0e14f9e2214dac9c2327cf3045692434c08001879866abd7f45450f578b79cf4091b75ac93825978250f320b2c7dc
- SSDEEP: 98304:mM5wJ0DLYvScH028D3jQzYG0yWZ57EYTdvEAxvALB1u3PMaKM/C:Y0DUvNHzAQ04yEkv9VPMq/C
Static task: static1
Behavioral task: behavioral1
- Sample: 92e47b3372d7f1cb0f8166ffdf903829f77609a0e09b3d86009e04e4f1ac2c36.exe
- Resource: win7-20240611-en
Behavioral task: behavioral2
- Sample: 92e47b3372d7f1cb0f8166ffdf903829f77609a0e09b3d86009e04e4f1ac2c36.exe
- Resource: win10-20240404-en
Malware Config
Extracted: socks5systemz
- bptibom.com
  http://bptibom.com/search/?q=67e28dd86f54a728120ffa1d7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f771ea771795af8e05c645db22f31df92d8b38e316a667d307eca743ec4c2b07b52966923a6f87fd15c2ea9c
- buafhio.com
  http://buafhio.com/search/?q=67e28dd86c0ca77c400cfe4c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa44e8889b5e4fa9281ae978f271ea771795af8e05c645db22f31dfe339426fa11a366c350adb719a9577e55b8603e983a608ff718c2eb979f3c
Targets
Score: 10/10
- Detect Socks5Systemz Payload
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.