General
-
Target
451e864c9675147a8faeca70522efbcff3b8b573b51d321d978dd57cfb16d419
-
Size
5.1MB
-
Sample
240701-1r9dtawbnp
-
MD5
cd591ebef2fb36e6d0c67b0237d3b1be
-
SHA1
2bea8eaa1e588a0f7fc3a73044d7b10a43659441
-
SHA256
451e864c9675147a8faeca70522efbcff3b8b573b51d321d978dd57cfb16d419
-
SHA512
29ccd09717fe83c8d7dddae145a4a446550a3a6c7a7656a1cd9add832d8003177e4d73df23047e45c7a1950434549c1d9f4756f8d1b7f537675f9b8880f5ce7c
-
SSDEEP
98304:CEYQC32wcQ37FUnAh6faD0bIdGFqC21B5oVfQWcl2+tUQxy:VYDPl3CVaD0ctCWjoV7TiUQE
Malware Config
Targets
-
-
Target
451e864c9675147a8faeca70522efbcff3b8b573b51d321d978dd57cfb16d419
-
Size
5.1MB
-
MD5
cd591ebef2fb36e6d0c67b0237d3b1be
-
SHA1
2bea8eaa1e588a0f7fc3a73044d7b10a43659441
-
SHA256
451e864c9675147a8faeca70522efbcff3b8b573b51d321d978dd57cfb16d419
-
SHA512
29ccd09717fe83c8d7dddae145a4a446550a3a6c7a7656a1cd9add832d8003177e4d73df23047e45c7a1950434549c1d9f4756f8d1b7f537675f9b8880f5ce7c
-
SSDEEP
98304:CEYQC32wcQ37FUnAh6faD0bIdGFqC21B5oVfQWcl2+tUQxy:VYDPl3CVaD0ctCWjoV7TiUQE
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-