General
-
Target
1ad3edf1ad305d9cfa85817a6e6fa1b064bcffbb8de1dece3b42c2bf0946c601
-
Size
5.2MB
-
Sample
240630-xzebvsshmb
-
MD5
ba561e41728a541c554f55ea3ac6cda5
-
SHA1
4dd4cb91d03a25d754d0920c63771dfa32d904cf
-
SHA256
1ad3edf1ad305d9cfa85817a6e6fa1b064bcffbb8de1dece3b42c2bf0946c601
-
SHA512
408ad1c71afafe449c495646086b60ab7a5fc414e02c3fa399eca44e967bfc4a12408852b9d40a9a8cd38121fb21d6aa52dc488cb14bfd033617723bb2e59202
-
SSDEEP
98304:CW1fLAywdVu+AmzN4YZi+RsaIhrkm8XBwfnRfQPTRJslPm+0InlgoQaa9Qxg:7N3S5i+RSZkLxQRfmF+4waPF9QC
Malware Config
Targets
-
-
Target
1ad3edf1ad305d9cfa85817a6e6fa1b064bcffbb8de1dece3b42c2bf0946c601
-
Size
5.2MB
-
MD5
ba561e41728a541c554f55ea3ac6cda5
-
SHA1
4dd4cb91d03a25d754d0920c63771dfa32d904cf
-
SHA256
1ad3edf1ad305d9cfa85817a6e6fa1b064bcffbb8de1dece3b42c2bf0946c601
-
SHA512
408ad1c71afafe449c495646086b60ab7a5fc414e02c3fa399eca44e967bfc4a12408852b9d40a9a8cd38121fb21d6aa52dc488cb14bfd033617723bb2e59202
-
SSDEEP
98304:CW1fLAywdVu+AmzN4YZi+RsaIhrkm8XBwfnRfQPTRJslPm+0InlgoQaa9Qxg:7N3S5i+RSZkLxQRfmF+4waPF9QC
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-