General
-
Target
241466b63ab01b9a6c10c1fde82c6a7f7f1ae2f9c68e8af25348c66bf5f96112
-
Size
5.9MB
-
Sample
241107-hymvaaxkez
-
MD5
f2896362fb9a2f03fbb894e0276bb89b
-
SHA1
85300510ce9fc73113c64e758d21dd94da4b07d5
-
SHA256
241466b63ab01b9a6c10c1fde82c6a7f7f1ae2f9c68e8af25348c66bf5f96112
-
SHA512
e07bc5f0ab42a81af9b619b628fd71e71caa1a9b50c6771af0a858fb9740d339e59bb635cbb70371b66efd10d6894cce8cc2dd8a6d57402992849b920c025cdf
-
SSDEEP
98304:4bVxpMF785lmwqiuwJl2P9f/IP+Kn4gGVXxZJ/UlDFeyORDWG+nwmJ41RPsoW4I:c085kwqU/E/qpG9xv/UlMyORSGjSWRG
Static task
static1
Behavioral task
behavioral1
Sample
241466b63ab01b9a6c10c1fde82c6a7f7f1ae2f9c68e8af25348c66bf5f96112.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
241466b63ab01b9a6c10c1fde82c6a7f7f1ae2f9c68e8af25348c66bf5f96112.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
241466b63ab01b9a6c10c1fde82c6a7f7f1ae2f9c68e8af25348c66bf5f96112
Score
10/10
-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-