General
-
Target
a5c02fbea33a303ec094a8f998d1b7e6e4e52f77d423aa821bebfbb85120206d
-
Size
5.2MB
-
Sample
240703-esdgwa1cjj
-
MD5
a39315dde7e006b1a55f3bb08df3aa00
-
SHA1
3530fa05cfaf3980f44c4a28e2fe0a012d992b26
-
SHA256
a5c02fbea33a303ec094a8f998d1b7e6e4e52f77d423aa821bebfbb85120206d
-
SHA512
45c679f58423ed425c89c5ebf8be1cfac9f09e40476da63dc833245e3f685fbae9de82947a3762f36016687823c8cc3e541c152b231234483183a76a5f24c907
-
SSDEEP
98304:CNi75YBQ9+g+C6pb7dGhey7DPG2IVDf3iZ2CSKpKMtgKVm+yevZC2StpWMQxt:G/zpbpGRhIVDviAC5pBtK+1AFpWMQf
Malware Config
Targets
-
-
Target
a5c02fbea33a303ec094a8f998d1b7e6e4e52f77d423aa821bebfbb85120206d
-
Size
5.2MB
-
MD5
a39315dde7e006b1a55f3bb08df3aa00
-
SHA1
3530fa05cfaf3980f44c4a28e2fe0a012d992b26
-
SHA256
a5c02fbea33a303ec094a8f998d1b7e6e4e52f77d423aa821bebfbb85120206d
-
SHA512
45c679f58423ed425c89c5ebf8be1cfac9f09e40476da63dc833245e3f685fbae9de82947a3762f36016687823c8cc3e541c152b231234483183a76a5f24c907
-
SSDEEP
98304:CNi75YBQ9+g+C6pb7dGhey7DPG2IVDf3iZ2CSKpKMtgKVm+yevZC2StpWMQxt:G/zpbpGRhIVDviAC5pBtK+1AFpWMQf
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-