General
-
Target
3ba5d33f186f143bf8336e49bd0f08f9206ea5237665e31bca012534a6d9b930
-
Size
5.4MB
-
Sample
241101-3xtawsykgl
-
MD5
3e1fcd4183a24fe6251a2877c707e6bc
-
SHA1
ecbcfb10293096ce055492296a2badc700b83fda
-
SHA256
3ba5d33f186f143bf8336e49bd0f08f9206ea5237665e31bca012534a6d9b930
-
SHA512
a15cf98ff0ae389ec81613688ba7f880a2b7f80d14caa1b30979c6607b6d54b19af72c7b37347ce88825b258675582b45bba5b3291031c8b7ee0f42be425432f
-
SSDEEP
98304:CLyiw65E0pC0wZyLIa5WOGQes8BLS15PJWFi0R0zUpqr/iZLcvvExvLxQxW:iL/EyC0YwIyOQesCuJJyiI0GoiSvvEj9
Static task
static1
Behavioral task
behavioral1
Sample
3ba5d33f186f143bf8336e49bd0f08f9206ea5237665e31bca012534a6d9b930.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3ba5d33f186f143bf8336e49bd0f08f9206ea5237665e31bca012534a6d9b930.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
3ba5d33f186f143bf8336e49bd0f08f9206ea5237665e31bca012534a6d9b930
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-