General
-
Target
e6c1c4a4dd7493dc35174d4be49f636e4d768f59afbd3a87f04a75c684118bbd
-
Size
3.6MB
-
Sample
241127-z9l6kaxlbr
-
MD5
256466a292ad17adbcf12267a785a2cf
-
SHA1
b19bd32d1b099b25bd4b41844fc1336888876456
-
SHA256
e6c1c4a4dd7493dc35174d4be49f636e4d768f59afbd3a87f04a75c684118bbd
-
SHA512
a94bda13590670b3265c35d5cf5449a1b127f5870fa89298acd19e69cca515edc3a8d63cee7f50ea4b2783c61f42f60f492ad5d2214d8ee0b09d8848f612f23b
-
SSDEEP
98304:NCHObRjrOAwqi+1C+iaC3FizjeukuCxGC4j6yUW2zcMdYfYHbMSmXWrow:E4Jcqx17iD1ifen114j6yVOcZobMVXW5
Static task
static1
Behavioral task
behavioral1
Sample
e6c1c4a4dd7493dc35174d4be49f636e4d768f59afbd3a87f04a75c684118bbd.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e6c1c4a4dd7493dc35174d4be49f636e4d768f59afbd3a87f04a75c684118bbd.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-