General
-
Target
e8af1de3867cab9fcea540c75f4d485db08e3ef503066f990a7c33ae73bd155c
-
Size
5.0MB
-
Sample
240630-zveg6syekp
-
MD5
4e2ec43c2692799106c1d443b2f4ab12
-
SHA1
01e5ef5c0f6a92583051ddc4c885543d3e03fbcd
-
SHA256
e8af1de3867cab9fcea540c75f4d485db08e3ef503066f990a7c33ae73bd155c
-
SHA512
d5208aa0ede37d7bed2dc06a9099c5e058142b5677ac45dcb858973731d4162abc0ba10033c30ede1c97df65c63b3e62e1badb871006b7e43d4556fc39b063c8
-
SSDEEP
98304:CDVbPcvyWfsRJdnQSr9xV8jAgBmcuwL7UlT+JLFVgQ/Qx7:cky0OHnJfV8jaKZDVZQt
Malware Config
Targets
-
-
Target
e8af1de3867cab9fcea540c75f4d485db08e3ef503066f990a7c33ae73bd155c
-
Size
5.0MB
-
MD5
4e2ec43c2692799106c1d443b2f4ab12
-
SHA1
01e5ef5c0f6a92583051ddc4c885543d3e03fbcd
-
SHA256
e8af1de3867cab9fcea540c75f4d485db08e3ef503066f990a7c33ae73bd155c
-
SHA512
d5208aa0ede37d7bed2dc06a9099c5e058142b5677ac45dcb858973731d4162abc0ba10033c30ede1c97df65c63b3e62e1badb871006b7e43d4556fc39b063c8
-
SSDEEP
98304:CDVbPcvyWfsRJdnQSr9xV8jAgBmcuwL7UlT+JLFVgQ/Qx7:cky0OHnJfV8jaKZDVZQt
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-