General
Target: 6d00c44b3f9be1f413cc5ced4f3679f0acef171592bedb90497313a94cf475b8
Size: 5.3MB
Sample: 241101-p12vjsyqcs
MD5: 7731b5ce3da5980d03b17ab4db43b220
SHA1: 30d4f55f9bd3a87ab9e2239aa3e8aa1ba6d226d8
SHA256: 6d00c44b3f9be1f413cc5ced4f3679f0acef171592bedb90497313a94cf475b8
SHA512: 69492d31e525035cb43ab8de9681e506e452b926fbbf0f4d3b0dd38270bdcba5da98692bd26d30c273c057235241ba9714721791af1eddd2eaa1beb90d88d758
SSDEEP: 98304:Mo6lro9Qnc/Vtwl5puPIoo7utW55FCd1QO6Ag2CKes9Dz27rblqctiVtm/sqJ:Ko9yGwl5UPIV7uc57UP62CaNCJqGwts5
Static task: static1
Behavioral task: behavioral1
  Sample: 6d00c44b3f9be1f413cc5ced4f3679f0acef171592bedb90497313a94cf475b8.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 6d00c44b3f9be1f413cc5ced4f3679f0acef171592bedb90497313a94cf475b8.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 6d00c44b3f9be1f413cc5ced4f3679f0acef171592bedb90497313a94cf475b8
Score: 10/10
Detect Socks5Systemz Payload
Socks5systemz family
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.