General
-
Target
8361191bd5b269974e86b684c73dfef3b4d90223f0ea3c614fdb92af194c0bd3
-
Size
5.3MB
-
Sample
240702-3kv9qazdrj
-
MD5
87be3cf2b143305f125eeed440b9073e
-
SHA1
103ca9703ac7599a8f6ada1a0ab0bd9afff9f34b
-
SHA256
8361191bd5b269974e86b684c73dfef3b4d90223f0ea3c614fdb92af194c0bd3
-
SHA512
76602111bc46ec5171d80bcb23d58abdb6b51e9289cfa646bc091fafccb8cbf96eb8b027bd9d9796636346cf6d3b2ee0949b2bbae5f0219b722bfd9a1e298516
-
SSDEEP
98304:C+LL4bfVU4Us7pgQV91sDInEDszhM9J8P/IEPxona5yQIWUOsJbwAOvypD8Qxla:FL+fCv8qy91AIEgzhM9aXNfyjOjyV8QS
Malware Config
Targets
-
-
Target
8361191bd5b269974e86b684c73dfef3b4d90223f0ea3c614fdb92af194c0bd3
-
Size
5.3MB
-
MD5
87be3cf2b143305f125eeed440b9073e
-
SHA1
103ca9703ac7599a8f6ada1a0ab0bd9afff9f34b
-
SHA256
8361191bd5b269974e86b684c73dfef3b4d90223f0ea3c614fdb92af194c0bd3
-
SHA512
76602111bc46ec5171d80bcb23d58abdb6b51e9289cfa646bc091fafccb8cbf96eb8b027bd9d9796636346cf6d3b2ee0949b2bbae5f0219b722bfd9a1e298516
-
SSDEEP
98304:C+LL4bfVU4Us7pgQV91sDInEDszhM9J8P/IEPxona5yQIWUOsJbwAOvypD8Qxla:FL+fCv8qy91AIEgzhM9aXNfyjOjyV8QS
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-