General
-
Target
b6fb07e46f25791031cf861958152e68132e68caa3a3465ae54be296cca7ca3f.exe
-
Size
3.8MB
-
Sample
241009-cpkqnsshqp
-
MD5
317ec841343c7ec1c4a727589a90d736
-
SHA1
563406c056a23570f1188a2714eae2cef26ebb19
-
SHA256
b6fb07e46f25791031cf861958152e68132e68caa3a3465ae54be296cca7ca3f
-
SHA512
56d3d894da0e1cffa30d9e7ece6af3032cea2c08649a883b26b40d7eed7c7e4161f6ec8ed66349f121056eb44d3a7a02be06415bdfbd87446090f4192dac1f0a
-
SSDEEP
98304:xdxt2DzLmaghwS8ZhUPSl5R7wOPaSfbNBzHrMFKbpmBeE:DxczLmaJQW7wOPaSJFLMYbpmBeE
Static task
static1
Behavioral task
behavioral1
Sample
b6fb07e46f25791031cf861958152e68132e68caa3a3465ae54be296cca7ca3f.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
b6fb07e46f25791031cf861958152e68132e68caa3a3465ae54be296cca7ca3f.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
b6fb07e46f25791031cf861958152e68132e68caa3a3465ae54be296cca7ca3f.exe
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-