General
-
Target
1d4fef0aeb13fcb88a828f85c2945574b9a632bcb5fbeaebdb1f7f3097ceb4ca
-
Size
5.3MB
-
Sample
240624-f3zcrsybld
-
MD5
13d86bf5e6f9de48b83f23ec501135a8
-
SHA1
1fb8edbe5861dc0444395e715ecbd261ae9b99b0
-
SHA256
1d4fef0aeb13fcb88a828f85c2945574b9a632bcb5fbeaebdb1f7f3097ceb4ca
-
SHA512
a57a362cf875d9474e5fd9f06698884b1919b6a53cc06d3160ce52fb770dc88aa9345cc2193456f159e52123774155e34f0f2f92e2f24f43cddfe712e27d607e
-
SSDEEP
98304:mYMKTcH8dTsFXz5Ckd3zwntWnKyvN4uq3h1ERbuHa1szu24/HzwSTXqryVERh:xMKT/dAFj5CkdLnKiqvEhu61szutvsS0
Static task
static1
Behavioral task
behavioral1
Sample
1d4fef0aeb13fcb88a828f85c2945574b9a632bcb5fbeaebdb1f7f3097ceb4ca.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
1d4fef0aeb13fcb88a828f85c2945574b9a632bcb5fbeaebdb1f7f3097ceb4ca.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
bppldll.com
http://bppldll.com/search/?q=67e28dd83a5da32a155afd1b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978a271ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ff613c0e9929f3f
dlkcakc.info
Targets
-
-
Target
1d4fef0aeb13fcb88a828f85c2945574b9a632bcb5fbeaebdb1f7f3097ceb4ca
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-