General
-
Target
4f78e5ecac34d579fdaa448fe12dc77bbe920b53ae062e0c0b5692f6b6d29ae4
-
Size
4.6MB
-
Sample
241118-l89zcatqaw
-
MD5
62a28c201a7ad12d641b4a9961e8beba
-
SHA1
f8bc5092acab2173e61be6d28744539836b48357
-
SHA256
4f78e5ecac34d579fdaa448fe12dc77bbe920b53ae062e0c0b5692f6b6d29ae4
-
SHA512
253b91c6c9d6fa1270571922fd68cc19d4f401f16793793306217f7d2f692c56a8b789617c66a7a0544c159d0fe736f27ca802bf2fda2232ab1c7f0a7dd146bb
-
SSDEEP
98304:NKWnyl82/KZKuvFUW0DlrgjDSrx0cuMDILy6UM6OF4dkW:1nyCEUGW0hkjeiokU3pb
Static task
static1
Behavioral task
behavioral1
Sample
4f78e5ecac34d579fdaa448fe12dc77bbe920b53ae062e0c0b5692f6b6d29ae4.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4f78e5ecac34d579fdaa448fe12dc77bbe920b53ae062e0c0b5692f6b6d29ae4.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
4f78e5ecac34d579fdaa448fe12dc77bbe920b53ae062e0c0b5692f6b6d29ae4
-
Score
10/10
-
Detect Socks5Systemz Payload
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-