General
-
Target
c1ddffb2a83ec3afb3959120e90dffe209af79930340eaa739c5c72c7fc8e676
-
Size
5.0MB
-
Sample
240629-s1ralatckj
-
MD5
e4474ec7d05c662a55764401a66e480b
-
SHA1
1daf732d394e3301b6048c4c5c0eae2d9b0d33b4
-
SHA256
c1ddffb2a83ec3afb3959120e90dffe209af79930340eaa739c5c72c7fc8e676
-
SHA512
fa91393196b3fa44bb7b18562d016c54f3e7d5435d02cad5704c251b0b6c842508f42f85e9f476e6e70176eeee9ec80697daa3e310a035fc00f78f36d498ae27
-
SSDEEP
98304:Cdlpzv5q4P+BYzLzyXDEi7srL3Y04HOgZ+dIW8dxLBlyd9dUuE1bT5wCTAo0mRit:8pzg4sQOTV7srLIIgcszBgdguqJwSx0X
Malware Config
Targets
-
-
Target
c1ddffb2a83ec3afb3959120e90dffe209af79930340eaa739c5c72c7fc8e676
-
Size
5.0MB
-
MD5
e4474ec7d05c662a55764401a66e480b
-
SHA1
1daf732d394e3301b6048c4c5c0eae2d9b0d33b4
-
SHA256
c1ddffb2a83ec3afb3959120e90dffe209af79930340eaa739c5c72c7fc8e676
-
SHA512
fa91393196b3fa44bb7b18562d016c54f3e7d5435d02cad5704c251b0b6c842508f42f85e9f476e6e70176eeee9ec80697daa3e310a035fc00f78f36d498ae27
-
SSDEEP
98304:Cdlpzv5q4P+BYzLzyXDEi7srL3Y04HOgZ+dIW8dxLBlyd9dUuE1bT5wCTAo0mRit:8pzg4sQOTV7srLIIgcszBgdguqJwSx0X
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-