General
-
Target
b8837253205ae612758d1dfe0ecbe3de423314595be273edcf2acc19c0fc3bb8
-
Size
5.0MB
-
Sample
240630-x2h3tsshqa
-
MD5
67c79b9ee49e85455c16c661b0c3888d
-
SHA1
6bfb29d8752bd13e7384121017511fba4f586b23
-
SHA256
b8837253205ae612758d1dfe0ecbe3de423314595be273edcf2acc19c0fc3bb8
-
SHA512
5f96fc3c72731675c50062a3a09e45bc67e1d6a43169c5d10a0da6d11f5343a0cffe97ce670b571254894c35b4a2dfc9f65ca3954f4a938314d3541a1ef3be71
-
SSDEEP
98304:Coo8nA+HvBCv/HB4HwEpAZlL/nwk9pLBhEHF1XwV3nQm+XOQx7:E+PB8pOlOf/nwkzEPc3nnQt
Malware Config
Targets
-
-
Target
b8837253205ae612758d1dfe0ecbe3de423314595be273edcf2acc19c0fc3bb8
-
Size
5.0MB
-
MD5
67c79b9ee49e85455c16c661b0c3888d
-
SHA1
6bfb29d8752bd13e7384121017511fba4f586b23
-
SHA256
b8837253205ae612758d1dfe0ecbe3de423314595be273edcf2acc19c0fc3bb8
-
SHA512
5f96fc3c72731675c50062a3a09e45bc67e1d6a43169c5d10a0da6d11f5343a0cffe97ce670b571254894c35b4a2dfc9f65ca3954f4a938314d3541a1ef3be71
-
SSDEEP
98304:Coo8nA+HvBCv/HB4HwEpAZlL/nwk9pLBhEHF1XwV3nQm+XOQx7:E+PB8pOlOf/nwkzEPc3nnQt
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-