General
-
Target
f2f33a01d49f3b00ceeb2be892c4ff29c4e258586d5edd30fce8e029dd977ff7
-
Size
5.0MB
-
Sample
240630-y8akpsvard
-
MD5
cd3d41ff24acdaf33336c62e8f54b7ba
-
SHA1
abb1d9a5762821f4aad31146ace4d4845ed93b8d
-
SHA256
f2f33a01d49f3b00ceeb2be892c4ff29c4e258586d5edd30fce8e029dd977ff7
-
SHA512
f67856dafa8d27a5e4c264dab981dec4747727f65b140f1c0485718c390292a63fdcc86fc980d7c68716c33f7024dcf759dfd126c0d3b1c740728d241cee3d90
-
SSDEEP
98304:CwHt6o57vaXSqXWpnvQ6lpkQEEmsVqoIMOLDMBwSOnIDRvEd+fQx7:eo57vySJvbpkKV4o3MMp+ID5+MQt
Malware Config
Targets
-
-
Target
f2f33a01d49f3b00ceeb2be892c4ff29c4e258586d5edd30fce8e029dd977ff7
-
Size
5.0MB
-
MD5
cd3d41ff24acdaf33336c62e8f54b7ba
-
SHA1
abb1d9a5762821f4aad31146ace4d4845ed93b8d
-
SHA256
f2f33a01d49f3b00ceeb2be892c4ff29c4e258586d5edd30fce8e029dd977ff7
-
SHA512
f67856dafa8d27a5e4c264dab981dec4747727f65b140f1c0485718c390292a63fdcc86fc980d7c68716c33f7024dcf759dfd126c0d3b1c740728d241cee3d90
-
SSDEEP
98304:CwHt6o57vaXSqXWpnvQ6lpkQEEmsVqoIMOLDMBwSOnIDRvEd+fQx7:eo57vySJvbpkKV4o3MMp+ID5+MQt
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-