General
-
Target
fd82388cccd686f54503bc41929b39b8.bin
-
Size
4.5MB
-
Sample
240107-dkbgwadbeq
-
MD5
fd82388cccd686f54503bc41929b39b8
-
SHA1
24fd01b0318aaf739b204a456e5f64a19c271e6d
-
SHA256
08e99c84eae02bcadf577873cf34b6f87b718d83b9c8721e849888425ed9450d
-
SHA512
ca5924175338b1741ff79135dbab883403ffd03012cd7914ac173f778159e99c11c115cdad3b085aa67eb9b9136ff9c76cd5a8775f9abc3c35524468a2242c59
-
SSDEEP
98304:QHfMnRjsJoLAX5/0LUlwSL/9gv+7AaIk4dm8:ts6MX5fwSSN24dD
Malware Config
Targets
-
-
Target
fd82388cccd686f54503bc41929b39b8.bin
-
Size
4.5MB
-
MD5
fd82388cccd686f54503bc41929b39b8
-
SHA1
24fd01b0318aaf739b204a456e5f64a19c271e6d
-
SHA256
08e99c84eae02bcadf577873cf34b6f87b718d83b9c8721e849888425ed9450d
-
SHA512
ca5924175338b1741ff79135dbab883403ffd03012cd7914ac173f778159e99c11c115cdad3b085aa67eb9b9136ff9c76cd5a8775f9abc3c35524468a2242c59
-
SSDEEP
98304:QHfMnRjsJoLAX5/0LUlwSL/9gv+7AaIk4dm8:ts6MX5fwSSN24dD
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-