General
-
Target
9c738db5498eefb6136243cf87ad3ec36f6f040f4f603def4c0952ced91f6e04
-
Size
5.4MB
-
Sample
241101-w8437sskgx
-
MD5
ba34dbfa33e82045730d1ee444564f50
-
SHA1
973202aadebeb3ee250820582d762916394a64f4
-
SHA256
9c738db5498eefb6136243cf87ad3ec36f6f040f4f603def4c0952ced91f6e04
-
SHA512
b2a4ce20c0fb20bad632c2fe4c32d0cd12ac33549755863715d68cc76608d212c1c77915bba18438352427851a37aaeb4a16d6c78d28745227402b9f01b58f72
-
SSDEEP
98304:CpDrP+i4om4Xhs4Hujl3AXD58zgDyEtJr62S55pAe3h5z+ity3b8dvqHbiPuXwEF:yr2bomus4c38+Idq2S55Gmh5Ki03bQIR
Static task
static1
Behavioral task
behavioral1
Sample
9c738db5498eefb6136243cf87ad3ec36f6f040f4f603def4c0952ced91f6e04.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
9c738db5498eefb6136243cf87ad3ec36f6f040f4f603def4c0952ced91f6e04.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
9c738db5498eefb6136243cf87ad3ec36f6f040f4f603def4c0952ced91f6e04
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-