General

Target: 2e88345ca0276555d6be3aa117f521c72fd966d12f91dcbd85963e0fe9d68610
Size: 5.4MB
Sample: 240624-gmy8hayfmc
MD5: 49bd3637cac2196f55f0c3b35b50e4d9
SHA1: 20e2c3f5c0c82103bbf8e205e7dab42011d0f420
SHA256: 2e88345ca0276555d6be3aa117f521c72fd966d12f91dcbd85963e0fe9d68610
SHA512: 6373b594c0da25e1456d1005fd52c5ad9f80da9933641fa56592cd14277813e19379dbc0dda9d2de6f1493253dca7010da18d90c4fe6406581b2e717e78c1d6c
SSDEEP: 98304:m6M60qgQqye20qQNH5A/NHjaz3GdUkXnvCorx84inw2mWrmauffidH:DLe2Ob+DaTGpCTnw/WrSfyH
Static task: static1

Behavioral task: behavioral1
  Sample: 2e88345ca0276555d6be3aa117f521c72fd966d12f91dcbd85963e0fe9d68610.exe
  Resource: win10v2004-20240508-en

Behavioral task: behavioral2
  Sample: 2e88345ca0276555d6be3aa117f521c72fd966d12f91dcbd85963e0fe9d68610.exe
  Resource: win11-20240419-en
Malware Config

Extracted: socks5systemz
  ddluwcb.info
  bwuvuhs.com
Targets

Score: 10/10

- Detect Socks5Systemz Payload
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.