General
Target: crt.exe
Size: 3.8MB
Sample: 240803-xvx86sxbma
MD5: 4087ac4aa59c087a40a7f6be6b1d1f41
SHA1: ec07e43fbf9c80668f05f07c355381547f3662c7
SHA256: 0384c6409bb5afac939fef6bb65bb6e5ca9d61eee4f20652e754cf0410cb7ebb
SHA512: b1ab2aeb5f38be4f45abf7f56096702e2f2b715c5f7602130f8dc64b3301684075a9d45b89d8b187005f7378626f60fc36c04c7f8e9d50880d625fd6d5308f4d
SSDEEP: 98304:NNF9XFgUtkpVLQ3gt3DPIYWYdRfIxbpjOsdIqbwjcOf12d3:hhFTqVM+3DUYdOxbEELbbOfQ9
Static task: static1
Behavioral task: behavioral1
Sample: crt.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: crt.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: crt.exe
Score: 10/10
Detect Socks5Systemz Payload
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.