General
-
Target
ca3a295389cb826bc70e8484f066f273ccaf5941ed2ebb440f65de77964e57f3
-
Size
5.1MB
-
Sample
240702-e78asswcrb
-
MD5
9529d69d7981817f05726ba5a84b7a1f
-
SHA1
c7bfdb6056d584d93b1e419319a961e0093b55a1
-
SHA256
ca3a295389cb826bc70e8484f066f273ccaf5941ed2ebb440f65de77964e57f3
-
SHA512
2350d22be4f10feb114a84dda562c774501d3f462c7893537c42901d70f064f0de8004e92934391ce81b245ecb8e3d40cf6afabbd15f82aa718870a81bd595ec
-
SSDEEP
98304:Cnw/Yxqs8WBl5wYNY3kJK7axf6/XhC9htJsGhzmHQaomKV9X8ugu9qSLZQxq:owEttf6/RC9HtEQaM9X8uguqSLZQU
Malware Config
Targets
-
-
Target
ca3a295389cb826bc70e8484f066f273ccaf5941ed2ebb440f65de77964e57f3
-
Size
5.1MB
-
MD5
9529d69d7981817f05726ba5a84b7a1f
-
SHA1
c7bfdb6056d584d93b1e419319a961e0093b55a1
-
SHA256
ca3a295389cb826bc70e8484f066f273ccaf5941ed2ebb440f65de77964e57f3
-
SHA512
2350d22be4f10feb114a84dda562c774501d3f462c7893537c42901d70f064f0de8004e92934391ce81b245ecb8e3d40cf6afabbd15f82aa718870a81bd595ec
-
SSDEEP
98304:Cnw/Yxqs8WBl5wYNY3kJK7axf6/XhC9htJsGhzmHQaomKV9X8ugu9qSLZQxq:owEttf6/RC9HtEQaM9X8uguqSLZQU
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-