General

Target: e8a1d20f9f235928e58c2feeda7d1e42beef21d9476483af80cb045d60a0c475
Size: 5.9MB
Sample: 241106-1msv9sxpbt
MD5: 8a800f13292ffdc85ddec778f3500f93
SHA1: a7c4f20adc12b89b57a73c7f2f004ad196e4de1a
SHA256: e8a1d20f9f235928e58c2feeda7d1e42beef21d9476483af80cb045d60a0c475
SHA512: f75e232c05dd59bb6f824c29dc662456cb96674a949049cc6633944a90e92d2ce697c82979d4d61f7bdc85f82296e6ca2373e426470e54ba7100d2dc84a33a14
SSDEEP: 98304:4px0pJKeSccP/dqaN6tC3QW7QkGEA3fWDvZkMdRFOhlPnHwGSMGcSulyoIvq:ExkJKB3ditCg+QxEA3fmvZ5TOhlfRNSS

Static task: static1

Behavioral task: behavioral1
Sample: e8a1d20f9f235928e58c2feeda7d1e42beef21d9476483af80cb045d60a0c475.exe
Resource: win7-20241010-en

Behavioral task: behavioral2
Sample: e8a1d20f9f235928e58c2feeda7d1e42beef21d9476483af80cb045d60a0c475.exe
Resource: win10v2004-20241007-en

Malware Config
Targets

Target: e8a1d20f9f235928e58c2feeda7d1e42beef21d9476483af80cb045d60a0c475
Score: 10/10

Detect Socks5Systemz Payload

Socks5systemz family

Executes dropped EXE

Loads dropped DLL

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.