General
-
Target
3bde0b817bbe26e7ec466c1a63211a2d218da842a62496b0413644786bb29ab3
-
Size
5.8MB
-
Sample
241118-ke58mashnj
-
MD5
9d6c76bf43f32a50d7420936ac4a17d8
-
SHA1
61186f421e04d91a70a5d36b58f8064ed17099aa
-
SHA256
3bde0b817bbe26e7ec466c1a63211a2d218da842a62496b0413644786bb29ab3
-
SHA512
b8c398fade7488f1a3cf31445b16430e523d60356e2e19a0370e95d231c41c5b32e556a78fb0f414b56ed47ffe1c3c33c097706d2893234a8baa855db7fea211
-
SSDEEP
98304:NsXoTrtqJNtvwqA7yDkl/WXtWizKj3Al/s+dU18y5j0YM6R1NgTj8+VRsgmLNY4D:YoHtqDqqA7yi/WXPzK7sxdU18y5j0B4t
Malware Config
Targets
-
-
Target
3bde0b817bbe26e7ec466c1a63211a2d218da842a62496b0413644786bb29ab3
-
Size
5.8MB
-
MD5
9d6c76bf43f32a50d7420936ac4a17d8
-
SHA1
61186f421e04d91a70a5d36b58f8064ed17099aa
-
SHA256
3bde0b817bbe26e7ec466c1a63211a2d218da842a62496b0413644786bb29ab3
-
SHA512
b8c398fade7488f1a3cf31445b16430e523d60356e2e19a0370e95d231c41c5b32e556a78fb0f414b56ed47ffe1c3c33c097706d2893234a8baa855db7fea211
-
SSDEEP
98304:NsXoTrtqJNtvwqA7yDkl/WXtWizKj3Al/s+dU18y5j0YM6R1NgTj8+VRsgmLNY4D:YoHtqDqqA7yi/WXPzK7sxdU18y5j0B4t
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-