General
-
Target
7a694a69d16b2d63b6bb84009be9075eb371932b10c7542467b2b6dcab71fde4
-
Size
5.3MB
-
Sample
240713-b1mtqssdng
-
MD5
b40fe16074164bd722f57a7b53747339
-
SHA1
976439ccab616b5256cd0e7695556732c968bded
-
SHA256
7a694a69d16b2d63b6bb84009be9075eb371932b10c7542467b2b6dcab71fde4
-
SHA512
38244330e4de2a158165c14ed59391ef53d357c6130b74a454dad73d652427e22014c0345664ac849588309e1654711d067ce9d6af3420b26f6f3fe1a789c40a
-
SSDEEP
98304:C+Z10Aah8KhIF2Cplwr/BMAZsi3VtTdQwLkVVlLj/xZwiWrrasIxMsUmfc6XjNq7:P/0AaKlwtMAkwLAlpZwio2jhUmVjNqQS
Malware Config
Targets
-
-
Target
7a694a69d16b2d63b6bb84009be9075eb371932b10c7542467b2b6dcab71fde4
-
Size
5.3MB
-
MD5
b40fe16074164bd722f57a7b53747339
-
SHA1
976439ccab616b5256cd0e7695556732c968bded
-
SHA256
7a694a69d16b2d63b6bb84009be9075eb371932b10c7542467b2b6dcab71fde4
-
SHA512
38244330e4de2a158165c14ed59391ef53d357c6130b74a454dad73d652427e22014c0345664ac849588309e1654711d067ce9d6af3420b26f6f3fe1a789c40a
-
SSDEEP
98304:C+Z10Aah8KhIF2Cplwr/BMAZsi3VtTdQwLkVVlLj/xZwiWrrasIxMsUmfc6XjNq7:P/0AaKlwtMAkwLAlpZwio2jhUmVjNqQS
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-