General
-
Target
a6cfc86b446f4c920cc6dfc20eb0b77179a5894c56cee23dce33a0d1558d5422
-
Size
5.9MB
-
Sample
241118-kgq7gsseqa
-
MD5
60d7980af1b3f08c8dda162969f01213
-
SHA1
79fa38e5be6db3939432929a30b63dffc820405d
-
SHA256
a6cfc86b446f4c920cc6dfc20eb0b77179a5894c56cee23dce33a0d1558d5422
-
SHA512
10ad1a434d7796942f542b024fc6286265b0232d9b8d7893347405d6b540112c83083da9681d4a663a044d1fc1388f0b1e71483dc8eb162c3823fb3bab7350de
-
SSDEEP
98304:NK3LCyoaF8ZJmnHnMyzKnCbA1SFaYWaYMrwKoknN4KbxjYjOX0jJln7VB8dmp:03vD8Z4nHnMyzI+TAYWTNknWKblTEjHx
Malware Config
Targets
-
-
Target
a6cfc86b446f4c920cc6dfc20eb0b77179a5894c56cee23dce33a0d1558d5422
-
Size
5.9MB
-
MD5
60d7980af1b3f08c8dda162969f01213
-
SHA1
79fa38e5be6db3939432929a30b63dffc820405d
-
SHA256
a6cfc86b446f4c920cc6dfc20eb0b77179a5894c56cee23dce33a0d1558d5422
-
SHA512
10ad1a434d7796942f542b024fc6286265b0232d9b8d7893347405d6b540112c83083da9681d4a663a044d1fc1388f0b1e71483dc8eb162c3823fb3bab7350de
-
SSDEEP
98304:NK3LCyoaF8ZJmnHnMyzKnCbA1SFaYWaYMrwKoknN4KbxjYjOX0jJln7VB8dmp:03vD8Z4nHnMyzI+TAYWTNknWKblTEjHx
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-