General
-
Target
dd24fe100a2a98e520d2c5e62c12f943ee8415a0d25816c377e960ab1d51092f
-
Size
5.2MB
-
Sample
240702-nhn1astfpk
-
MD5
c0d35387718464a7968de2d17dd5f727
-
SHA1
5ce2cf30cf2c323351602832ef71eb201ff6aed7
-
SHA256
dd24fe100a2a98e520d2c5e62c12f943ee8415a0d25816c377e960ab1d51092f
-
SHA512
3264311333a4e005980a4cacfc21dfb1d55847a24dc187f852f838d77eea8901e42e26ea5b761c6f85277b9b87069c7a038f855963302154164aa97231dd9d18
-
SSDEEP
98304:CKSJ8GJEf+A1fHUw0d3mcGBrE6g3z2Vyh/kHz8JUtk3OmCHOsyZF3qQx3:owB1fuGREX8KIQJlehOsyZYQx
Malware Config
Targets
-
-
Target
dd24fe100a2a98e520d2c5e62c12f943ee8415a0d25816c377e960ab1d51092f
-
Size
5.2MB
-
MD5
c0d35387718464a7968de2d17dd5f727
-
SHA1
5ce2cf30cf2c323351602832ef71eb201ff6aed7
-
SHA256
dd24fe100a2a98e520d2c5e62c12f943ee8415a0d25816c377e960ab1d51092f
-
SHA512
3264311333a4e005980a4cacfc21dfb1d55847a24dc187f852f838d77eea8901e42e26ea5b761c6f85277b9b87069c7a038f855963302154164aa97231dd9d18
-
SSDEEP
98304:CKSJ8GJEf+A1fHUw0d3mcGBrE6g3z2Vyh/kHz8JUtk3OmCHOsyZF3qQx3:owB1fuGREX8KIQJlehOsyZYQx
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-