General
-
Target
6ff6bc5d1d3b31e6acc5b649a1cb483e07a85d7b7abfdbf84aed7f32ab925757
-
Size
5.1MB
-
Sample
240701-wvcf2asbjg
-
MD5
f97bac153de1918e804869d153cc22c2
-
SHA1
0a08f4f988a8b21bb3ee79ac7b096f632330736d
-
SHA256
6ff6bc5d1d3b31e6acc5b649a1cb483e07a85d7b7abfdbf84aed7f32ab925757
-
SHA512
37fafc843fc2688ad12d945933cdf904568d4c7ded3fdc7ec17123a89a17fcef937a36accb81e1893088b6e171d8bab53701f66564166d1b5f103f8d9141dfad
-
SSDEEP
98304:CpcKyFTFOdoOOJNaGLZI1jFQAYGzCNtZiPcEJbcahEB4pWaDmYKxTDWljskXQxy:i1yFuoOOJNaGQjGAYGzYt40J8EupVDmo
Malware Config
Targets
-
-
Target
6ff6bc5d1d3b31e6acc5b649a1cb483e07a85d7b7abfdbf84aed7f32ab925757
-
Size
5.1MB
-
MD5
f97bac153de1918e804869d153cc22c2
-
SHA1
0a08f4f988a8b21bb3ee79ac7b096f632330736d
-
SHA256
6ff6bc5d1d3b31e6acc5b649a1cb483e07a85d7b7abfdbf84aed7f32ab925757
-
SHA512
37fafc843fc2688ad12d945933cdf904568d4c7ded3fdc7ec17123a89a17fcef937a36accb81e1893088b6e171d8bab53701f66564166d1b5f103f8d9141dfad
-
SSDEEP
98304:CpcKyFTFOdoOOJNaGLZI1jFQAYGzCNtZiPcEJbcahEB4pWaDmYKxTDWljskXQxy:i1yFuoOOJNaGQjGAYGzYt40J8EupVDmo
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-