General
-
Target
42546a61d6d80e4d1a171f4a08fae2ecd12138ad939280fafed39f717b0de2f5
-
Size
5.0MB
-
Sample
240629-n3myqszelp
-
MD5
9bce1e8b20d486989240f892d818421e
-
SHA1
aae834e9eb3b2b92fee64cc9e8132a070ac23cb2
-
SHA256
42546a61d6d80e4d1a171f4a08fae2ecd12138ad939280fafed39f717b0de2f5
-
SHA512
cb781bd7722813be483e927990eae9c07a899106566cbb7455a5139cd8934073cfd13c3c68da7cf00ab2e62025a3066ebf218e5043242e4ac4452fc5f0939448
-
SSDEEP
98304:Che1J5MVCvdr/ye4bTUQhFsXH6AopxOlBQFLfVxLNYtU/cwq7D8dQxY:qQeUby7oKsXTonskRxZSSi7D8dQC
Malware Config
Targets
-
-
Target
42546a61d6d80e4d1a171f4a08fae2ecd12138ad939280fafed39f717b0de2f5
-
Size
5.0MB
-
MD5
9bce1e8b20d486989240f892d818421e
-
SHA1
aae834e9eb3b2b92fee64cc9e8132a070ac23cb2
-
SHA256
42546a61d6d80e4d1a171f4a08fae2ecd12138ad939280fafed39f717b0de2f5
-
SHA512
cb781bd7722813be483e927990eae9c07a899106566cbb7455a5139cd8934073cfd13c3c68da7cf00ab2e62025a3066ebf218e5043242e4ac4452fc5f0939448
-
SSDEEP
98304:Che1J5MVCvdr/ye4bTUQhFsXH6AopxOlBQFLfVxLNYtU/cwq7D8dQxY:qQeUby7oKsXTonskRxZSSi7D8dQC
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-