Extracted

• • Target

    863f6e84b82538cf8f71d294aa0a44a2490aac54c709d2aa3383bc778bfc7740

  • Size

    3.0MB

  • MD5

    bf0580ea2de702cc5d64b7cb8688fac8

  • SHA1

    bcc9d0317aecf1ec81bb83426b7b7bd53d1299f5

  • SHA256

    863f6e84b82538cf8f71d294aa0a44a2490aac54c709d2aa3383bc778bfc7740

  • SHA512

    363fe567f92ee6c126eb2753a1a07fc2a6525d7a2d7ccd8735f9a134ef44d653ac4330ff0098ada4525ef1aaa861b5cac11eacb186450e54e95fb5aa8b358a4a

  • SSDEEP

    49152:G2XiKqwyof2QSYSyBoVW6Q/gMc23xxNrx84LaWnY4hTyPNmqed7AMNiK/sI:/X08qYP6sc23LD9Y4BcNmq8jNiOd

  Score

  10^/10

  socks5systemzbotnetdiscovery

  • Detect Socks5Systemz Payload

  • Socks5Systemz

    Socks5Systemz is a botnet written in C++.

    botnetsocks5systemz

  • Socks5systemz family

    socks5systemz

  • Executes dropped EXE

  • Loads dropped DLL

  • Unexpected DNS network traffic destination

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2