General
-
Target
7bc701c979bd89179a721f3555fb0084c54e57c5c74d0ddb91ae6d141e656cf4
-
Size
5.0MB
-
Sample
240701-fqqj4axbkb
-
MD5
cee56c743cd7c20a6f403c0e903072f8
-
SHA1
67656b2cf28149242542919c15d8b759ca47424e
-
SHA256
7bc701c979bd89179a721f3555fb0084c54e57c5c74d0ddb91ae6d141e656cf4
-
SHA512
e1e066185f35cf90d46a4d4d7d70b22afe1e88d910d23654f72a3b86c0a04a05c2cbc3970e046b5d3ca05e2d69a1e6f4b43ff87674df1e4268651b2c1449ab0d
-
SSDEEP
98304:C830wCrav6QBqmJstibfDh036MaXgiFswyKmkdqkR1eBkGWpTBNUzgjY2nsYMYpq:P3qrk4Gstk7h03LaXNFtyKmYJGST3mgW
Malware Config
Targets
-
-
Target
7bc701c979bd89179a721f3555fb0084c54e57c5c74d0ddb91ae6d141e656cf4
-
Size
5.0MB
-
MD5
cee56c743cd7c20a6f403c0e903072f8
-
SHA1
67656b2cf28149242542919c15d8b759ca47424e
-
SHA256
7bc701c979bd89179a721f3555fb0084c54e57c5c74d0ddb91ae6d141e656cf4
-
SHA512
e1e066185f35cf90d46a4d4d7d70b22afe1e88d910d23654f72a3b86c0a04a05c2cbc3970e046b5d3ca05e2d69a1e6f4b43ff87674df1e4268651b2c1449ab0d
-
SSDEEP
98304:C830wCrav6QBqmJstibfDh036MaXgiFswyKmkdqkR1eBkGWpTBNUzgjY2nsYMYpq:P3qrk4Gstk7h03LaXNFtyKmYJGST3mgW
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-