General
-
Target
b4bc6912b49e92eb1954f02f250832fa45b3af50bf037028119d83bb2df12bff
-
Size
5.3MB
-
Sample
241101-kxkpms1jcm
-
MD5
7135ac4442239680347f1119fb5febca
-
SHA1
f5af5757abba7e857f47215e312501d37a1b5b9a
-
SHA256
b4bc6912b49e92eb1954f02f250832fa45b3af50bf037028119d83bb2df12bff
-
SHA512
926092eb6bd43c7040f5b1b295538c2e475a01adb71fed9b7b776ecf417116ec11ae017c9d6857681ec0e9372063ee6201feaa96c45ae44f83a771f2f2bb21d1
-
SSDEEP
98304:MfnmS5xM/E7TjSQMEkr3c+UyZUZgK38stOhihXZZByW7eQFo118NO7nodboBx6Vw:Wmiy/qWhJ3dcO67FrNOEdbouQzsU
Malware Config
Targets
-
-
Target
b4bc6912b49e92eb1954f02f250832fa45b3af50bf037028119d83bb2df12bff
-
Size
5.3MB
-
MD5
7135ac4442239680347f1119fb5febca
-
SHA1
f5af5757abba7e857f47215e312501d37a1b5b9a
-
SHA256
b4bc6912b49e92eb1954f02f250832fa45b3af50bf037028119d83bb2df12bff
-
SHA512
926092eb6bd43c7040f5b1b295538c2e475a01adb71fed9b7b776ecf417116ec11ae017c9d6857681ec0e9372063ee6201feaa96c45ae44f83a771f2f2bb21d1
-
SSDEEP
98304:MfnmS5xM/E7TjSQMEkr3c+UyZUZgK38stOhihXZZByW7eQFo118NO7nodboBx6Vw:Wmiy/qWhJ3dcO67FrNOEdbouQzsU
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-