General
-
Target
e918fa757e47a216f13d5306fa01d4aa73b5241d8d3599c6b6ecd31957bccf1f
-
Size
5.1MB
-
Sample
240702-rffgxszenq
-
MD5
1f5a4f7c350179d063f2b38468f6315c
-
SHA1
05b6860b8d0358683ea69453d0ffdef6e3b166ec
-
SHA256
e918fa757e47a216f13d5306fa01d4aa73b5241d8d3599c6b6ecd31957bccf1f
-
SHA512
ff93fadf323c19d629412314135b5fa846c9c76717ad8956a4a2e4e908a333b9366d1615486159619af06a18c5252509e5b3f5041656e555af7662ccd990808d
-
SSDEEP
98304:CzWDcS7D3pmzumNnOylP9tIbwD0e98c33mHYTC3U7MEowUTuXBkeKu4UydN9QeAG:2S7rpmKmN/R/EwAPc32HYTl77UQ9Ku4r
Malware Config
Targets
-
-
Target
e918fa757e47a216f13d5306fa01d4aa73b5241d8d3599c6b6ecd31957bccf1f
-
Size
5.1MB
-
MD5
1f5a4f7c350179d063f2b38468f6315c
-
SHA1
05b6860b8d0358683ea69453d0ffdef6e3b166ec
-
SHA256
e918fa757e47a216f13d5306fa01d4aa73b5241d8d3599c6b6ecd31957bccf1f
-
SHA512
ff93fadf323c19d629412314135b5fa846c9c76717ad8956a4a2e4e908a333b9366d1615486159619af06a18c5252509e5b3f5041656e555af7662ccd990808d
-
SSDEEP
98304:CzWDcS7D3pmzumNnOylP9tIbwD0e98c33mHYTC3U7MEowUTuXBkeKu4UydN9QeAG:2S7rpmKmN/R/EwAPc32HYTl77UQ9Ku4r
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-