General
-
Target
fa139d77083c7de082ce68b492b2b23e334eaf0b575696f31749f0b2119bb11e
-
Size
5.1MB
-
Sample
240701-ftte6axbrh
-
MD5
b8898e978eefaefdea55a20a2eca2df0
-
SHA1
091e010ff74355fc725a68573445b87b9faab437
-
SHA256
fa139d77083c7de082ce68b492b2b23e334eaf0b575696f31749f0b2119bb11e
-
SHA512
0e20bd5c9fbf49f51f602e0205ed69ad15ab9f25a793bade26d46a289ef21305525d26f54324b73ad50ca9519b6c798ada2157b4fd0c37a564f7929e973198d1
-
SSDEEP
98304:CInM8hKwQUnaZrfcdlAwuhDQ83nzVVLWk4OBV3g0cOgomrgi1AIQxg:3M8h2UaZrUzAwuhz3z7LN4OY0LgrgePJ
Malware Config
Targets
-
-
Target
fa139d77083c7de082ce68b492b2b23e334eaf0b575696f31749f0b2119bb11e
-
Size
5.1MB
-
MD5
b8898e978eefaefdea55a20a2eca2df0
-
SHA1
091e010ff74355fc725a68573445b87b9faab437
-
SHA256
fa139d77083c7de082ce68b492b2b23e334eaf0b575696f31749f0b2119bb11e
-
SHA512
0e20bd5c9fbf49f51f602e0205ed69ad15ab9f25a793bade26d46a289ef21305525d26f54324b73ad50ca9519b6c798ada2157b4fd0c37a564f7929e973198d1
-
SSDEEP
98304:CInM8hKwQUnaZrfcdlAwuhDQ83nzVVLWk4OBV3g0cOgomrgi1AIQxg:3M8h2UaZrUzAwuhz3z7LN4OY0LgrgePJ
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-