General
-
Target
5e9a0c3f2f07b670710274ca1102bf1057a0d0a0b484a05676d5e9807023204e
-
Size
5.1MB
-
Sample
240702-enyx1syekn
-
MD5
be9f9d82616723678e20f30e3fa35db2
-
SHA1
b3851847d913eab8d47afa4e1c7a17cd2716a1c4
-
SHA256
5e9a0c3f2f07b670710274ca1102bf1057a0d0a0b484a05676d5e9807023204e
-
SHA512
253cc36c2dff506aa4beb3b1df284fe6929b0872eed5adc7726e14d1151bab3efc8c9de0a295582a707b7163a22f35e2522875044e45f15ab1f2349416b07db7
-
SSDEEP
98304:Cpt1YXUQQyt5bZkkH58tdNB9uBCYaebno7LlOYtsJI6LGqEQxq:ycE+FkSwB9u5o3oY4aPQU
Malware Config
Targets
-
-
Target
5e9a0c3f2f07b670710274ca1102bf1057a0d0a0b484a05676d5e9807023204e
-
Size
5.1MB
-
MD5
be9f9d82616723678e20f30e3fa35db2
-
SHA1
b3851847d913eab8d47afa4e1c7a17cd2716a1c4
-
SHA256
5e9a0c3f2f07b670710274ca1102bf1057a0d0a0b484a05676d5e9807023204e
-
SHA512
253cc36c2dff506aa4beb3b1df284fe6929b0872eed5adc7726e14d1151bab3efc8c9de0a295582a707b7163a22f35e2522875044e45f15ab1f2349416b07db7
-
SSDEEP
98304:Cpt1YXUQQyt5bZkkH58tdNB9uBCYaebno7LlOYtsJI6LGqEQxq:ycE+FkSwB9u5o3oY4aPQU
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-