General
-
Target
09ff07746741a2fc3ae4ae69a2b3732c90c1ad4f556f8b4ade8191b9d389272e
-
Size
5.9MB
-
Sample
241111-rakjpazelr
-
MD5
c066dec8e840d06f651d1f76709e8375
-
SHA1
17f107b97705956e8b570e50e49ace235b702ed9
-
SHA256
09ff07746741a2fc3ae4ae69a2b3732c90c1ad4f556f8b4ade8191b9d389272e
-
SHA512
8d54f14f41f4dafdff8552b62a710d2b8c8754210d0ff74e2c97e876d1d20b79eb124028bd499d789d313a2410305b5d74ca5f4deee2eaae92ece5289a2c7891
-
SSDEEP
98304:4d6MJWr8/XCZX6gO37hScik4KdFyo6tB/uvVPwNwH7aHDviappqqFGuCQNbcX7KD:pMJWr80K9LhPiZ4Uo6fmvVoyH7iW7AGe
Static task
static1
Behavioral task
behavioral1
Sample
09ff07746741a2fc3ae4ae69a2b3732c90c1ad4f556f8b4ade8191b9d389272e.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
09ff07746741a2fc3ae4ae69a2b3732c90c1ad4f556f8b4ade8191b9d389272e.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
Target
09ff07746741a2fc3ae4ae69a2b3732c90c1ad4f556f8b4ade8191b9d389272e
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-