General
-
Target
ce34435bf933ee44e1976fee196b78fb8ef1abd6dc1a7159016b8417e3b0cc11
-
Size
5.1MB
-
Sample
240628-2ez52stfme
-
MD5
cf00c83a68ee9108f32cbf084b225404
-
SHA1
722633eb9793d8a629c76dc497b0ae2c9807676d
-
SHA256
ce34435bf933ee44e1976fee196b78fb8ef1abd6dc1a7159016b8417e3b0cc11
-
SHA512
a4ff2800a53b2740a37013b006c40d7e253a7a8a0efa1f527dda56f213b08a337f90e0f01f7ee5d86b217aace7a1dec7f054c56d3fae55a792237721ed4d1245
-
SSDEEP
98304:CCGTIeuarSo3xO/ZL0T7MGdrQlKhe/q2FiCQU4ctKwL5BG1d8iXeBZQxg:LGTIYR3cKPhaKgViCwcdBGsiXiZQC
Malware Config
Targets
-
-
Target
ce34435bf933ee44e1976fee196b78fb8ef1abd6dc1a7159016b8417e3b0cc11
-
Size
5.1MB
-
MD5
cf00c83a68ee9108f32cbf084b225404
-
SHA1
722633eb9793d8a629c76dc497b0ae2c9807676d
-
SHA256
ce34435bf933ee44e1976fee196b78fb8ef1abd6dc1a7159016b8417e3b0cc11
-
SHA512
a4ff2800a53b2740a37013b006c40d7e253a7a8a0efa1f527dda56f213b08a337f90e0f01f7ee5d86b217aace7a1dec7f054c56d3fae55a792237721ed4d1245
-
SSDEEP
98304:CCGTIeuarSo3xO/ZL0T7MGdrQlKhe/q2FiCQU4ctKwL5BG1d8iXeBZQxg:LGTIYR3cKPhaKgViCwcdBGsiXiZQC
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-