General
-
Target
7ce055f4aacbd58b2d60db4696182e638188a7f74182b5f2d4b74e2162ae7c14.exe
-
Size
3.5MB
-
Sample
241128-kdfataxpdk
-
MD5
45aa90e1be7619ca1928b2cd6d084a9a
-
SHA1
5ee606c884cb76678bb805ec13639f64cebadf33
-
SHA256
7ce055f4aacbd58b2d60db4696182e638188a7f74182b5f2d4b74e2162ae7c14
-
SHA512
a389b34dd95d63c9be4941ca4dc74b5429473ced48b7f68793d9800c20dd5f8b8739cdf1640cdab03bf6676277d57e9713d598fdebee68ab3c723cf968dfa377
-
SSDEEP
98304:Np2gEC0NB1DJVA6wfIqJRF7vEjFe64Y7OTDYm+i+xKRuNCr9TZ:VE1lVA6i50Fe/Y5m+i+xKRuNC3
Malware Config
Targets
-
-
Target
7ce055f4aacbd58b2d60db4696182e638188a7f74182b5f2d4b74e2162ae7c14.exe
-
Size
3.5MB
-
MD5
45aa90e1be7619ca1928b2cd6d084a9a
-
SHA1
5ee606c884cb76678bb805ec13639f64cebadf33
-
SHA256
7ce055f4aacbd58b2d60db4696182e638188a7f74182b5f2d4b74e2162ae7c14
-
SHA512
a389b34dd95d63c9be4941ca4dc74b5429473ced48b7f68793d9800c20dd5f8b8739cdf1640cdab03bf6676277d57e9713d598fdebee68ab3c723cf968dfa377
-
SSDEEP
98304:Np2gEC0NB1DJVA6wfIqJRF7vEjFe64Y7OTDYm+i+xKRuNCr9TZ:VE1lVA6i50Fe/Y5m+i+xKRuNC3
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Socks5systemz family
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-