General
-
Target
4c95cd6467c50ee79f22aade768a7f48edb43a941e443775413384aa87c9a35d
-
Size
6.3MB
-
Sample
241104-ylt1tsvqf1
-
MD5
278a9ce09e045ecbc97f3572092a23f9
-
SHA1
a5da8fbc2d8b9fca1ac3088df1050575c77039c3
-
SHA256
4c95cd6467c50ee79f22aade768a7f48edb43a941e443775413384aa87c9a35d
-
SHA512
19cd90ba0bec655ee889ffdc4301730c4dc0b371b83a960e676bc2de882dfebfdb46a4b2debbfb3e3b150ef0b0439a9eaa66146724fe0d2185f187c30487780b
-
SSDEEP
98304:NvwN8rg7l7aWyR4psl6w2OucWp6O+FbvHyWiAeyDTMybbpicWmJLtWk1sq9GLdvI:lwN8aa1aThULuXAxHMybRj9ylI
Malware Config
Targets
-
-
Target
4c95cd6467c50ee79f22aade768a7f48edb43a941e443775413384aa87c9a35d
-
Size
6.3MB
-
MD5
278a9ce09e045ecbc97f3572092a23f9
-
SHA1
a5da8fbc2d8b9fca1ac3088df1050575c77039c3
-
SHA256
4c95cd6467c50ee79f22aade768a7f48edb43a941e443775413384aa87c9a35d
-
SHA512
19cd90ba0bec655ee889ffdc4301730c4dc0b371b83a960e676bc2de882dfebfdb46a4b2debbfb3e3b150ef0b0439a9eaa66146724fe0d2185f187c30487780b
-
SSDEEP
98304:NvwN8rg7l7aWyR4psl6w2OucWp6O+FbvHyWiAeyDTMybbpicWmJLtWk1sq9GLdvI:lwN8aa1aThULuXAxHMybRj9ylI
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-