General
-
Target
911d4aa9cdeade8f5abe7cd07d91bf7871c9e1108b2bccf2d6de331e923196e9
-
Size
5.8MB
-
Sample
241111-t1sn4a1hnd
-
MD5
8db69f293d80006e81998659cd3a3bc1
-
SHA1
a4d63a0841047fbf5b5c877b91111d2b587c8d65
-
SHA256
911d4aa9cdeade8f5abe7cd07d91bf7871c9e1108b2bccf2d6de331e923196e9
-
SHA512
4c7f1c5dd0b199121d798514ad5b7d2a031d7e67a446dfa3d49696cd24aafa1e4ee04f03931b2bc93107dc4f698f3e542e333c0fb54400f7be07bf5c51ed52f2
-
SSDEEP
98304:4w8kKnV35l9FNIw9M3E0z0y2x4/u8j08utyYB9XKsBnRTzDwBJiFmlg8L9:V8kKnPl9FKQMU0z0jx182tyYB9aqnRXW
Static task
static1
Behavioral task
behavioral1
Sample
911d4aa9cdeade8f5abe7cd07d91bf7871c9e1108b2bccf2d6de331e923196e9.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
911d4aa9cdeade8f5abe7cd07d91bf7871c9e1108b2bccf2d6de331e923196e9.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score
10/10
-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-