General
Target: 767099a416020f7aecd266dc40686e3a863d3e195097877fcb45e4bd13e3f2fb
Size: 5.5MB
Sample: 240624-f6mhda1hkj
MD5: d1990f87bdd069225ccbe805b7125cce
SHA1: 913b3caf6ceb1f01caf8d960ad07c0c846389e27
SHA256: 767099a416020f7aecd266dc40686e3a863d3e195097877fcb45e4bd13e3f2fb
SHA512: 4a4f884063c9a72ee49eb57d55ab8befdbd416f66f995322e5cf5073070e82b424e725517818d5196a73660fb79e98ea98015bc7667aea6be994b1a963c95cef
SSDEEP: 98304:mwFRakzDi7qhZFd8yPb/i0r4sDar5ZW5qGiibCIC1dNtEINgyh/daEjvMczj/bse:jFRakzGWhGGb8sDar54qGiUC91hEeg4L
Static task: static1
Behavioral task: behavioral1
  Sample: 767099a416020f7aecd266dc40686e3a863d3e195097877fcb45e4bd13e3f2fb.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 767099a416020f7aecd266dc40686e3a863d3e195097877fcb45e4bd13e3f2fb.exe
  Resource: win10-20240404-en
Malware Config
Extracted: socks5systemz
  ddosadb.info
  http://ddosadb.info/search/?q=67e28dd86f54a728120ffa1d7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4ce8889b5e4fa9281ae978f771ea771795af8e05c645db22f31df92d8b38e316a667d307eca743ec4c2b07b52966923a6e8cff16c0ee93
  ebimnde.ua
  http://ebimnde.ua/search/?q=67e28dd86809f27b415ba51b7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa1de8889b5e4fa9281ae978a771ea771795af8e05c645db22f31dfe339426fa11a366c350adb719a9577e55b8603e983a608ff613c0e8959b3f
Targets
Score: 10/10
- Detect Socks5Systemz Payload
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.