socks5systemz | fe37cbafe65b82cbfaa5acc012fa2dc0c1c7f470594cdea919608353182f8f5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe37cbafe65b82cbfaa5acc012fa2dc0c1c7f470594cdea919608353182f8f5c
Size

648KB
MD5

08d8bc3b69deb3997dc2cd44cc9c0670
SHA1

2bc3da0021a5effd46647325374eb0498f3f45f2
SHA256

fe37cbafe65b82cbfaa5acc012fa2dc0c1c7f470594cdea919608353182f8f5c
SHA512

c3392fe7cdec45534d2a559117d082a2245e6307a73b61c6202566de17a62b66e1091794d2b7fe2651e84892c41c435e18651b731c3e9efb0ce9a085d131bd55
SSDEEP

12288:GbWsink50zq1OY0WOA70CXo9T8v3U19TBiZYGiEbnOCsL0BWfD6/P+wgcK58vAiq:GbWLkezqkBrvPTkZjiEbnOCsLXf2/P+T

Score

10^/10

socks5systemz

Malware Config

Signatures

Detect Socks5Systemz Payload 1 IoCs

resource	yara_rule
sample	family_socks5systemz

Socks5systemz family
socks5systemz

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe37cbafe65b82cbfaa5acc012fa2dc0c1c7f470594cdea919608353182f8f5c

Files

fe37cbafe65b82cbfaa5acc012fa2dc0c1c7f470594cdea919608353182f8f5c
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 411KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE