General
-
Target
acac2117cae8e5fd2eb2fe1c525cd0e6fdf9385705fd51fa6fbc3b03e8513b69
-
Size
5.4MB
-
Sample
241102-f58n8axqfs
-
MD5
7381c1420822ebfb600c2bb07ebe68f2
-
SHA1
99ab7d5633008b60496940e9477d73701e37c7e4
-
SHA256
acac2117cae8e5fd2eb2fe1c525cd0e6fdf9385705fd51fa6fbc3b03e8513b69
-
SHA512
a8b527e6c73ec88beaa03a91805e292c1251df60e9503345fbe00e637d3d917fb96e7be07f68ec61c304e4982ceb881d2e2a4d9c192ad24a03468258c0633b20
-
SSDEEP
98304:CRg3pcs4i0NS593oKenQhSyWHLjFnMMnfbJyBg+Kc1S8rZ4Z+PoNRmErXi/CvYTM:gW4iKSH4KenQhSy0FMsJ2FrZ+Mqi/OY4
Malware Config
Targets
-
-
Target
acac2117cae8e5fd2eb2fe1c525cd0e6fdf9385705fd51fa6fbc3b03e8513b69
-
Size
5.4MB
-
MD5
7381c1420822ebfb600c2bb07ebe68f2
-
SHA1
99ab7d5633008b60496940e9477d73701e37c7e4
-
SHA256
acac2117cae8e5fd2eb2fe1c525cd0e6fdf9385705fd51fa6fbc3b03e8513b69
-
SHA512
a8b527e6c73ec88beaa03a91805e292c1251df60e9503345fbe00e637d3d917fb96e7be07f68ec61c304e4982ceb881d2e2a4d9c192ad24a03468258c0633b20
-
SSDEEP
98304:CRg3pcs4i0NS593oKenQhSyWHLjFnMMnfbJyBg+Kc1S8rZ4Z+PoNRmErXi/CvYTM:gW4iKSH4KenQhSy0FMsJ2FrZ+Mqi/OY4
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-