General
-
Target
177a26d662469cf66720038c877240a212e6e7551290f79c88e2b01bf277462b
-
Size
5.0MB
-
Sample
240630-lpskysygrq
-
MD5
bf59e4b33ce0e3b205e22ea36b5e6ade
-
SHA1
2270eb7d089da39738f0904b763ac5970b450173
-
SHA256
177a26d662469cf66720038c877240a212e6e7551290f79c88e2b01bf277462b
-
SHA512
83a0ca943908941959a3edb7aec9746de6900eea78ec0c97af06c0c47d671f9ed00520ec507f9e9803aea128997306fd5df753ca13cf605d1c1e18ec9930b9f9
-
SSDEEP
98304:Cceh+JN9LVmm6GaulA8oN3Hp+p/V+DhaHaKkMhfJuzT3Dv89yKRPTcudAoSDR6RA:/pJNlVmqaulRoBYNKhaHalwuzXv89HTC
Malware Config
Targets
-
-
Target
177a26d662469cf66720038c877240a212e6e7551290f79c88e2b01bf277462b
-
Size
5.0MB
-
MD5
bf59e4b33ce0e3b205e22ea36b5e6ade
-
SHA1
2270eb7d089da39738f0904b763ac5970b450173
-
SHA256
177a26d662469cf66720038c877240a212e6e7551290f79c88e2b01bf277462b
-
SHA512
83a0ca943908941959a3edb7aec9746de6900eea78ec0c97af06c0c47d671f9ed00520ec507f9e9803aea128997306fd5df753ca13cf605d1c1e18ec9930b9f9
-
SSDEEP
98304:Cceh+JN9LVmm6GaulA8oN3Hp+p/V+DhaHaKkMhfJuzT3Dv89yKRPTcudAoSDR6RA:/pJNlVmqaulRoBYNKhaHalwuzXv89HTC
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-