General
Target: 4d723d67319936c52c38602dccfa40c1a1dff059f9f1ba84c4d041aea1852357
Size: 4.2MB
Sample: 241031-nkgc8symfn
MD5: 522c9cd1aef2a67f0abede20accec8f2
SHA1: ed2c850b7d68a3f9982b0b7c28e0ad17a11a7a97
SHA256: 4d723d67319936c52c38602dccfa40c1a1dff059f9f1ba84c4d041aea1852357
SHA512: e7bdf05073fa1c02cda90d30007cdfbbf580ca3bf36fb4cedf13571929fea3dae9f19d2edaed622cf9f725af496f746e819a50084b59324d80a5e49ea685a254
SSDEEP: 98304:IH5qLmoqmydlOOcLlY9hr088srRepwVu1SoEa3:RaoVydlOOcLl0Q8zrRepws1SpO
Static task: static1
Behavioral task: behavioral1
  Sample: 4d723d67319936c52c38602dccfa40c1a1dff059f9f1ba84c4d041aea1852357.exe
  Resource: win7-20241023-en
Behavioral task: behavioral2
  Sample: 4d723d67319936c52c38602dccfa40c1a1dff059f9f1ba84c4d041aea1852357.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 4d723d67319936c52c38602dccfa40c1a1dff059f9f1ba84c4d041aea1852357
Score: 10/10
Detect Socks5Systemz Payload
Socks5systemz family
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.