General
-
Target
a3068279fe3c2f0508cc8dc076918150f1b5271334b8326824b5a4b48eb8437a
-
Size
5.3MB
-
Sample
240624-pzmdgawenj
-
MD5
35f080735c6b85cde774fa7b913f80cf
-
SHA1
eb9b5645c2b73bce4dbec4204b147e1aff1e7fdb
-
SHA256
a3068279fe3c2f0508cc8dc076918150f1b5271334b8326824b5a4b48eb8437a
-
SHA512
3657cf0db5fcbabe9e91d6f3679acb53e3e54d728f65a3f343404af17ecea7fcebc2a9556354159cd6de8839b528676696a02f9baaad0aa275efe25bf6505f34
-
SSDEEP
98304:mtPI6xPoQW6rIE5Qz/ZksbNL7geOaXLxTiVYrbMz5lnvU0IyRIa:wPZqb6rbQbbNL7gKTkYrO5lZtn
Static task
static1
Behavioral task
behavioral1
Sample
a3068279fe3c2f0508cc8dc076918150f1b5271334b8326824b5a4b48eb8437a.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
a3068279fe3c2f0508cc8dc076918150f1b5271334b8326824b5a4b48eb8437a.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
bdgtfro.com
airhnig.ru
Targets
-
Target
a3068279fe3c2f0508cc8dc076918150f1b5271334b8326824b5a4b48eb8437a
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
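Worked detection example, added here and not part of the sandbox's own signature code: the two behavioural signatures above (DNS-port traffic to a peer other than the configured resolvers, and read-style registry access to the Uninstall key) plus a match on the C2 domains from the extracted config, re-implemented as plain Python and run over constructed trace records. The resolver addresses, the record layout, the set of API names treated as "lookups", and every address and path in the trace are assumptions; only the two domains come from the report.

```python
"""Added example, not the sandbox's own code: re-implements the reported
behavioural signatures and runs them over constructed trace records.
Resolver addresses, record shape, API names and all addresses/paths are
assumptions; the C2 domains come from the report's extracted config."""

# From the report's Malware Config (socks5systemz).
C2_DOMAINS = {"bdgtfro.com", "airhnig.ru"}

# Assumed resolvers configured on the monitored host.
CONFIGURED_DNS = {"10.0.0.2", "10.0.0.3"}

# Matched case-insensitively as a substring so HKLM, HKCU and the
# WOW6432Node view of the Uninstall key are all covered.
UNINSTALL_FRAGMENT = "\\microsoft\\windows\\currentversion\\uninstall"

# Read/enumerate APIs that count as "looking up" entries (assumption).
REGISTRY_READ_APIS = {"RegOpenKeyExW", "RegQueryValueExW",
                      "RegEnumKeyExW", "RegEnumValueW"}

# Constructed trace records (TEST-NET addresses; not observed indicators).
TRACE = [
    {"type": "net", "dst_ip": "10.0.0.2", "dst_port": 53, "proto": "udp"},
    {"type": "net", "dst_ip": "203.0.113.7", "dst_port": 53, "proto": "udp"},
    {"type": "net", "dst_ip": "203.0.113.7", "dst_port": 53, "proto": "tcp"},
    {"type": "net", "dst_ip": "198.51.100.9", "dst_port": 443, "proto": "tcp"},
    {"type": "dns", "query": "cdn.bdgtfro.com."},
    {"type": "dns", "query": "AIRHNIG.RU"},
    {"type": "dns", "query": "example.net"},
    {"type": "reg", "api": "RegOpenKeyExW",
     "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"},
    {"type": "reg", "api": "RegEnumKeyExW",
     "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"},
    {"type": "reg", "api": "RegQueryValueExW",
     "key": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\SomeApp"},
    {"type": "reg", "api": "RegSetValueExW",
     "key": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run"},
    {"type": "reg", "api": "RegOpenKeyExW",
     "key": "HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters"},
]


def unexpected_dns_destinations(trace, configured_dns=CONFIGURED_DNS):
    """Signature 'Unexpected DNS network traffic destination': any connection
    to port 53, UDP or TCP, whose peer is not a configured resolver."""
    hits = set()
    for rec in trace:
        if rec.get("type") == "net" and rec.get("dst_port") == 53:
            if rec["dst_ip"] not in configured_dns:
                hits.add(rec["dst_ip"])
    return sorted(hits)


def _normalise(name):
    # Strip a trailing FQDN dot and fold case before comparing.
    return name.rstrip(".").lower()


def c2_domain_hits(trace, c2_domains=C2_DOMAINS):
    """DNS queries for a configured C2 domain or any subdomain of it."""
    hits = []
    for rec in trace:
        if rec.get("type") != "dns":
            continue
        q = _normalise(rec["query"])
        if any(q == d or q.endswith("." + d) for d in c2_domains):
            hits.append(q)
    return hits


def uninstall_key_lookups(trace):
    """Signature 'Checks installed software on the system': read-style
    registry APIs whose target key is under the Uninstall key."""
    hits = []
    for rec in trace:
        if rec.get("type") != "reg" or rec.get("api") not in REGISTRY_READ_APIS:
            continue
        if UNINSTALL_FRAGMENT in rec["key"].lower():
            hits.append((rec["api"], rec["key"]))
    return hits


def triage(trace):
    """Summarise the three checks as signature flags plus supporting detail."""
    dns = unexpected_dns_destinations(trace)
    c2 = c2_domain_hits(trace)
    reg = uninstall_key_lookups(trace)
    return {
        "unexpected_dns_destination": bool(dns),
        "c2_domain_query": bool(c2),
        "checks_installed_software": bool(reg),
        "details": {"dns_peers": dns, "c2_queries": c2, "registry": reg},
    }


if __name__ == "__main__":
    import json
    print(json.dumps(triage(TRACE), indent=2))
```

Running the file prints the triage summary for the constructed trace. The DNS check deliberately counts TCP as well as UDP to port 53, because the signature keys on the port rather than the transport; the domain match normalises case and the trailing dot so a query for a subdomain of a C2 host still fires; and write APIs such as RegSetValueExW are excluded from the registry check so that persistence writes are not mistaken for software enumeration.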