General
-
Target
26afc17eb65309d1cca83bb0eb5b774c62ee2f0a8c3dd3bc1262bc236281069c
-
Size
3.6MB
-
Sample
241119-rzh26axjby
-
MD5
e5da41aae20721a66d5e2b8a0ea5139f
-
SHA1
804304b4524f275d37a139c4863c17bfeabcac63
-
SHA256
26afc17eb65309d1cca83bb0eb5b774c62ee2f0a8c3dd3bc1262bc236281069c
-
SHA512
0966de9995b757b4c06025d315638c78b0828105aa37383c12df820a38134c9d2665771a775dfdcc01848e779403a4b5115784d364ff8ce2e0872f4b887485fd
-
SSDEEP
98304:Nb+NYs1DZ4+OeqUv2w4yfT+6x2bAeMA1bE+FV2lFz:x+KsM+/ZevUTr2EebBMlFz
Static task
static1
Behavioral task
behavioral1
Sample
26afc17eb65309d1cca83bb0eb5b774c62ee2f0a8c3dd3bc1262bc236281069c.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
26afc17eb65309d1cca83bb0eb5b774c62ee2f0a8c3dd3bc1262bc236281069c.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
26afc17eb65309d1cca83bb0eb5b774c62ee2f0a8c3dd3bc1262bc236281069c
-
Size
3.6MB
-
MD5
e5da41aae20721a66d5e2b8a0ea5139f
-
SHA1
804304b4524f275d37a139c4863c17bfeabcac63
-
SHA256
26afc17eb65309d1cca83bb0eb5b774c62ee2f0a8c3dd3bc1262bc236281069c
-
SHA512
0966de9995b757b4c06025d315638c78b0828105aa37383c12df820a38134c9d2665771a775dfdcc01848e779403a4b5115784d364ff8ce2e0872f4b887485fd
-
SSDEEP
98304:Nb+NYs1DZ4+OeqUv2w4yfT+6x2bAeMA1bE+FV2lFz:x+KsM+/ZevUTr2EebBMlFz
Score10/10-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-