General
Target: 4937ba4f8d0868ba80849fba1408d95fdac3636147881d7035492bf897d47e70
Size: 4.1MB
Sample: 241125-thysds1mel
MD5: 9153fefde24f508172dbf9c1a4288ee2
SHA1: d60815b3bf7d1c2e04071926d8456cdf188b700e
SHA256: 4937ba4f8d0868ba80849fba1408d95fdac3636147881d7035492bf897d47e70
SHA512: 8cef6aa54db70da4b2df55bee42132f3363a96fac5d318dcf6d114a1aefda7ad7993dbff4e8a2eb213fa045a01a6d7e36e26b2b5082966e7712f0998c334ac13
SSDEEP: 98304:N/nKMQ3sFRAidag6T7yj4CuWVIkBp4o+0pcBD2JgtJh1:5aARtIg6T7yjpXIkBpi2i3
Static task: static1
Behavioral task: behavioral1
  Sample: 4937ba4f8d0868ba80849fba1408d95fdac3636147881d7035492bf897d47e70.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 4937ba4f8d0868ba80849fba1408d95fdac3636147881d7035492bf897d47e70.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4937ba4f8d0868ba80849fba1408d95fdac3636147881d7035492bf897d47e70
Score: 10/10
- Detect Socks5Systemz Payload
- Socks5systemz family
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.