General
-
Target
fe0678a16d2c979f096da9163dd94da05569d318451dc7badd2c09f10aa86be3
-
Size
4.9MB
-
Sample
240626-e3hvcavejf
-
MD5
9193718b3fb1d4fd8eab303826d44101
-
SHA1
05996443fa1dbc604e1301006daa4af08e18cc5d
-
SHA256
fe0678a16d2c979f096da9163dd94da05569d318451dc7badd2c09f10aa86be3
-
SHA512
89f105693453654768c7f226c8fcc59827b8556b51fd3943ac1c735d9e3e9b9f791458c8eaca5ca27ef620d8156d4eff126798e491fcbf59679b44b3250a1191
-
SSDEEP
98304:msqQa52tC5vBQh9xkILwkFNx6b2GMtzFnb/Ikbfj8cKJ/vaCdgBZSe:pa805pcIBMH9fjTmvaECr
Static task
static1
Behavioral task
behavioral1
Sample
fe0678a16d2c979f096da9163dd94da05569d318451dc7badd2c09f10aa86be3.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
fe0678a16d2c979f096da9163dd94da05569d318451dc7badd2c09f10aa86be3.exe
Resource
win11-20240508-en
Malware Config
Extracted
socks5systemz
bhkctfx.com
http://bhkctfx.com/search/?q=67e28dd83f5aa4794209ff1c7c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa48e8889b5e4fa9281ae978a271ea771795af8e05c645db22f31dfe339426fa11af66c152adb719a9577e55b8603e983a608ff612c7e994993e
http://bhkctfx.com/search/?q=67e28dd83f5aa4794209ff1c7c27d78406abdd88be4b12eab517aa5c96bd86ef9c804c895a8bbc896c58e713bc90c91d36b5281fc235a925ed3e01d6bd974a95129070b616e96cc92be510b866db52b2e34aec4c2b14a82966836f23d7f210c7ee9c993ccb6e9513
bvggzud.com
http://bvggzud.com/search/?q=67e28dd86f59a17b435afa187c27d78406abdd88be4b12ebb517aa5c96bd86ed82df14d714bca5817673aa4fe8889b5e4fa9281ae978a271ea771795af8e05c645db22f31dfe339426fa12a466c553adb719a9577e55b8603e983a608ff612c7e994993f
http://bvggzud.com/search/?q=67e28dd86f59a17b435afa187c27d78406abdd88be4b12eab517aa5c96bd86ec958349865a8bbc896c58e713bc90c91a36b5281fc235a925ed3e01d6bd974a95129070b616e96cc92be510b866db51b9e34eed4c2b14a82966836f23d7f210c7ee9c993ccb6e9512
Targets
-
-
Target
fe0678a16d2c979f096da9163dd94da05569d318451dc7badd2c09f10aa86be3
-
Size
4.9MB
-
MD5
9193718b3fb1d4fd8eab303826d44101
-
SHA1
05996443fa1dbc604e1301006daa4af08e18cc5d
-
SHA256
fe0678a16d2c979f096da9163dd94da05569d318451dc7badd2c09f10aa86be3
-
SHA512
89f105693453654768c7f226c8fcc59827b8556b51fd3943ac1c735d9e3e9b9f791458c8eaca5ca27ef620d8156d4eff126798e491fcbf59679b44b3250a1191
-
SSDEEP
98304:msqQa52tC5vBQh9xkILwkFNx6b2GMtzFnb/Ikbfj8cKJ/vaCdgBZSe:pa805pcIBMH9fjTmvaECr
Score10/10-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-