General
-
Target
fb49650e29f5707a1eec6789a398c2203c8a628cc79639c98aea94f5aa1e52d9
-
Size
5.5MB
-
Sample
241102-jbsmpazhqh
-
MD5
fd1031b164b9fad40b30576c1e0558b4
-
SHA1
fe8ea75489c9b93ddc10870dadca2668950c4cab
-
SHA256
fb49650e29f5707a1eec6789a398c2203c8a628cc79639c98aea94f5aa1e52d9
-
SHA512
ffb79b752386f048cfbbae0de682db0b348d9f790f439473484bed88d240472bff0ef5566d07b75b8b67690750a1aac48b834133f6bd4f178bcbe6e82220f40b
-
SSDEEP
98304:CqcmoXTTrNqRMC1J459QSVTfhUJROlzVp2xAmDHnpd5Y0o0JX5HjGHVeJY9qGR8M:ZoDzC1J4pVTpUJROQJtd5po0DqHVeJG1
Malware Config
Targets
-
-
Target
fb49650e29f5707a1eec6789a398c2203c8a628cc79639c98aea94f5aa1e52d9
-
Size
5.5MB
-
MD5
fd1031b164b9fad40b30576c1e0558b4
-
SHA1
fe8ea75489c9b93ddc10870dadca2668950c4cab
-
SHA256
fb49650e29f5707a1eec6789a398c2203c8a628cc79639c98aea94f5aa1e52d9
-
SHA512
ffb79b752386f048cfbbae0de682db0b348d9f790f439473484bed88d240472bff0ef5566d07b75b8b67690750a1aac48b834133f6bd4f178bcbe6e82220f40b
-
SSDEEP
98304:CqcmoXTTrNqRMC1J459QSVTfhUJROlzVp2xAmDHnpd5Y0o0JX5HjGHVeJY9qGR8M:ZoDzC1J4pVTpUJROQJtd5po0DqHVeJG1
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-