General

Target: e7a0a134d787fe5cfbc5b8deef0e5fd4f9887b3c5ef037083d9ade058972e10b
Size: 5.3MB
Sample: 240624-qargkatbmd
MD5: cea5312c0313b54e04fa613bee461bb4
SHA1: b452ac365118898166fa5710809af9f7ace8522a
SHA256: e7a0a134d787fe5cfbc5b8deef0e5fd4f9887b3c5ef037083d9ade058972e10b
SHA512: 9a1f539b9b1b9dfc118c55e17f37d7be9f32846f862c1fb306fb2aa9521aa72048538c9b597d0d4714f3ea036fecb3a752a775b163571a602e14fd3486c5aad6
SSDEEP: 98304:mcCZ/VRqsySNn+yz+SKyp2Cy32V/0nBbvTwRwd56UNL3655He99T/+n7N1+oPMct:AZCYt3SSKyDHqRvTwKH6U5qqT47KW
Static task: static1

Behavioral task: behavioral1
  Sample: e7a0a134d787fe5cfbc5b8deef0e5fd4f9887b3c5ef037083d9ade058972e10b.exe
  Resource: win10v2004-20240611-en

Behavioral task: behavioral2
  Sample: e7a0a134d787fe5cfbc5b8deef0e5fd4f9887b3c5ef037083d9ade058972e10b.exe
  Resource: win11-20240611-en
Malware Config

Extracted: socks5systemz
  ebsehew.ua
  http://ebsehew.ua/search/?q=67e28dd86e09a721465dff1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa44e8889b5e4fa9281ae978f771ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ff613c3eb97933f
  bdxpzdx.com
  http://bdxpzdx.com/search/?q=67e28dd86459a42c4009ab4e7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4de8889b5e4fa9281ae978f171ea771795af8e05c645db22f31dfe339426fa12a466c553adb719a9577e55b8603e983a608ff613c3eb979338
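The two domains and URLs above are the indicators a responder would carry into proxy or web logs. The following is an added example, not part of the sandbox report and not the sandbox's own matching logic: it takes the extracted URLs verbatim, derives the domain set from them, and flags log lines whose host is one of the C2 domains (or a subdomain) or whose path has the same shape as the extracted URLs, `/search/?q=` followed by a long lowercase hex string. The log format, the field names, the sample log lines and the 64-character minimum for the hex parameter are assumptions made for this example.

```python
"""Match the extracted socks5systemz indicators against proxy log lines.

Added example, not part of the sandbox report. The C2 URLs are copied from
the extracted config; the log format and the log lines are constructed.
"""
import re
from urllib.parse import urlsplit

# Indicators copied verbatim from the extracted config.
C2_URLS = [
    "http://ebsehew.ua/search/?q=67e28dd86e09a721465dff1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa44e8889b5e4fa9281ae978f771ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ff613c3eb97933f",
    "http://bdxpzdx.com/search/?q=67e28dd86459a42c4009ab4e7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4de8889b5e4fa9281ae978f171ea771795af8e05c645db22f31dfe339426fa12a466c553adb719a9577e55b8603e983a608ff613c3eb979338",
]
C2_DOMAINS = {urlsplit(u).hostname for u in C2_URLS}

# Shape of the extracted C2 paths: /search/?q=<long lowercase hex>.
# The 64-character minimum is an assumption for this example, not a family constant.
C2_PATH_RE = re.compile(r"^/search/\?q=[0-9a-f]{64,}$")

# Constructed proxy log format: "<timestamp> <src_ip> <method> <url> <status>".
LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")


def classify(url: str) -> list[str]:
    """Return the reasons a URL matches the indicators (empty list if none)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    reasons = []
    if host in C2_DOMAINS or any(host.endswith("." + d) for d in C2_DOMAINS):
        reasons.append("c2-domain")
    path = parts.path + ("?" + parts.query if parts.query else "")
    if C2_PATH_RE.match(path):
        reasons.append("c2-path-shape")
    return reasons


def scan(lines):
    """Yield (src_ip, url, reasons) for each log line that hits an indicator."""
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # malformed line: skip rather than abort the whole scan
        _ts, src, _method, url, _status = m.groups()
        reasons = classify(url)
        if reasons:
            yield src, url, reasons


# Constructed sample log: one true C2 beacon, one benign search, one subdomain
# hit on the second C2 domain, one path-shape-only hit and one malformed line.
SAMPLE_LOG = [
    f"2024-06-24T10:01:02Z 10.0.0.15 GET {C2_URLS[0]} 200",
    "2024-06-24T10:01:05Z 10.0.0.15 GET http://example.org/search/?q=linux 200",
    "2024-06-24T10:02:11Z 10.0.0.22 GET http://cdn.bdxpzdx.com/favicon.ico 404",
    "2024-06-24T10:03:00Z 10.0.0.31 GET http://news.example.net/search/?q=" + "ab" * 40 + " 200",
    "garbage line",
]

if __name__ == "__main__":
    for src, url, reasons in scan(SAMPLE_LOG):
        print(f"{src} {','.join(reasons)} {url[:60]}")
```

A domain hit is the strong signal; the path-shape match on its own is only a lead, since any site with a `/search/?q=` endpoint and a long hex token would trip it, so treat the two reasons differently when triaging.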
Targets

Target: e7a0a134d787fe5cfbc5b8deef0e5fd4f9887b3c5ef037083d9ade058972e10b (5.3MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10

Signatures:
- Detect Socks5Systemz Payload
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination: network traffic on the DNS port to servers other than the configured DNS servers was detected.
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate the software installed on the system.
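The last two signatures are plain behavioral rules and are easy to re-derive from a sandbox's own event records, which is useful when writing a host- or network-side detection for the same behavior. The following is an added example, not the sandbox's detection code: one function flags port-53 traffic (UDP or TCP) whose destination is not one of the resolvers the VM was given, the other counts RegEnumKeyEx calls against the Uninstall keys per process and applies a small threshold so a single lookup does not fire. The resolver address, the event schema, the process IDs and all events are constructed for this example.

```python
"""Re-derive two of the report's behavioral signatures from event records.

Added example, not the sandbox's own rules. The configured resolver, the
event schema and every event below are constructed for this example.
"""
from collections import defaultdict

# Resolver handed to the analysis VM (constructed).
CONFIGURED_DNS = {"10.127.0.1"}

# Uninstall keys read to enumerate installed software (native and WOW64 views).
UNINSTALL_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
)


def unexpected_dns_destinations(flows, configured=CONFIGURED_DNS):
    """Return {dst_ip: packet count} for DNS-port traffic to a non-configured resolver.

    Mirrors 'Unexpected DNS network traffic destination': anything on port 53,
    UDP or TCP, whose destination is not a configured resolver. Other ports
    are ignored, so ordinary HTTP to the same hosts does not count.
    """
    hits = defaultdict(int)
    for f in flows:
        if f["dst_port"] != 53 or f["proto"] not in ("udp", "tcp"):
            continue
        if f["dst_ip"] not in configured:
            hits[f["dst_ip"]] += 1
    return dict(hits)


def enumerates_installed_software(reg_events, min_enumerations=2):
    """Return {pid: enumeration count} for processes walking an Uninstall key.

    Mirrors 'Checks installed software on the system'. Only RegEnumKeyEx on
    the Uninstall key itself counts; a process opening just its own entry
    under it (what an installer does) is not flagged. The threshold is an
    assumption for this example to avoid firing on one incidental call.
    """
    targets = {k.lower() for k in UNINSTALL_KEYS}
    counts = defaultdict(int)
    for ev in reg_events:
        if ev["op"] not in ("RegEnumKeyExW", "RegEnumKeyExA"):
            continue
        if ev["key"].lower() in targets:
            counts[ev["pid"]] += 1
    return {pid: n for pid, n in counts.items() if n >= min_enumerations}


# Constructed flows: one normal lookup, three to public resolvers, one HTTP.
SAMPLE_FLOWS = [
    {"proto": "udp", "dst_ip": "10.127.0.1", "dst_port": 53},
    {"proto": "udp", "dst_ip": "8.8.8.8", "dst_port": 53},
    {"proto": "udp", "dst_ip": "8.8.8.8", "dst_port": 53},
    {"proto": "tcp", "dst_ip": "1.1.1.1", "dst_port": 53},
    {"proto": "tcp", "dst_ip": "93.184.216.34", "dst_port": 80},
]

# Constructed registry events: pid 4120 walks the Uninstall key, pid 5008
# only opens a single entry under it and enumerates an unrelated key.
_UNINSTALL = UNINSTALL_KEYS[0]
SAMPLE_REG_EVENTS = [
    {"pid": 4120, "op": "RegOpenKeyExW", "key": _UNINSTALL},
    {"pid": 4120, "op": "RegEnumKeyExW", "key": _UNINSTALL},
    {"pid": 4120, "op": "RegEnumKeyExW", "key": _UNINSTALL},
    {"pid": 4120, "op": "RegEnumKeyExW", "key": _UNINSTALL},
    {"pid": 4120, "op": "RegQueryValueExW", "key": _UNINSTALL + r"\SomeApp"},
    {"pid": 5008, "op": "RegOpenKeyExW", "key": _UNINSTALL + r"\SomeApp"},
    {"pid": 5008, "op": "RegEnumKeyExW",
     "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
]

if __name__ == "__main__":
    print("unexpected DNS:", unexpected_dns_destinations(SAMPLE_FLOWS))
    print("enumerates software:", enumerates_installed_software(SAMPLE_REG_EVENTS))
```

Neither rule is specific to this family: any program that hard-codes a public resolver trips the first, and inventory or update agents trip the second, which is why the report scores on the combination with the payload detection rather than on these two alone.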