General
-
Target
87731350c9460624025875efd389bba34a40a7540102d7953a40c512782f669f
-
Size
5.8MB
-
Sample
241111-r8bpfazhmk
-
MD5
a5a0bc7e47a238a4200f68f32951a3b5
-
SHA1
75d089061edd87ca8fce80f1e715fa58080ff919
-
SHA256
87731350c9460624025875efd389bba34a40a7540102d7953a40c512782f669f
-
SHA512
e850cf861d48187b296911a7fb3599faa64fbbf19e63960d502e5de4f2a6c1055e2df12b0fb80fef657aa345ac61db72b9657dbddb65e5f85b7a681bef26bd3b
-
SSDEEP
98304:4EawrJnr16JJTHqjPut/4ctLLHethXR9kcIhlO9RG7vrF5MHe97+yuwCNW3:Ra+JnroXejY/4fHJ8g67vZ5MHs+yiNI
Malware Config
Targets
-
-
Target
87731350c9460624025875efd389bba34a40a7540102d7953a40c512782f669f
-
Size
5.8MB
-
MD5
a5a0bc7e47a238a4200f68f32951a3b5
-
SHA1
75d089061edd87ca8fce80f1e715fa58080ff919
-
SHA256
87731350c9460624025875efd389bba34a40a7540102d7953a40c512782f669f
-
SHA512
e850cf861d48187b296911a7fb3599faa64fbbf19e63960d502e5de4f2a6c1055e2df12b0fb80fef657aa345ac61db72b9657dbddb65e5f85b7a681bef26bd3b
-
SSDEEP
98304:4EawrJnr16JJTHqjPut/4ctLLHethXR9kcIhlO9RG7vrF5MHe97+yuwCNW3:Ra+JnroXejY/4fHJ8g67vZ5MHs+yiNI
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-