General
-
Target
84644e97a73bba3f397163d09d00b7e52a53a7fc0b652fe533d22dda053169cd
-
Size
5.6MB
-
Sample
240703-vd1a4ayfpq
-
MD5
96f5355e59b95f5e514d114d7ecd7608
-
SHA1
a444875ebf915fe20a74ede2245c87afedc63487
-
SHA256
84644e97a73bba3f397163d09d00b7e52a53a7fc0b652fe533d22dda053169cd
-
SHA512
698f02e59d4a6d0302cd2d4d24a81f8317c97cee031377521cbdf946a70a9adee21c9ff78e28ff4bb5ad9c93bc1533c11b7a306996b3bce5809ac8e395af4b1d
-
SSDEEP
98304:Cc52a29MmVHtHwF0PJCpDUy/pN8S4lgDy9tMRR3lKe5YZeS73bjGoiQAQx5Y:Rcrb5tQuPJCp1RDmH9tICAKHjGoiQAQ0
Malware Config
Targets
-
-
Target
84644e97a73bba3f397163d09d00b7e52a53a7fc0b652fe533d22dda053169cd
-
Size
5.6MB
-
MD5
96f5355e59b95f5e514d114d7ecd7608
-
SHA1
a444875ebf915fe20a74ede2245c87afedc63487
-
SHA256
84644e97a73bba3f397163d09d00b7e52a53a7fc0b652fe533d22dda053169cd
-
SHA512
698f02e59d4a6d0302cd2d4d24a81f8317c97cee031377521cbdf946a70a9adee21c9ff78e28ff4bb5ad9c93bc1533c11b7a306996b3bce5809ac8e395af4b1d
-
SSDEEP
98304:Cc52a29MmVHtHwF0PJCpDUy/pN8S4lgDy9tMRR3lKe5YZeS73bjGoiQAQx5Y:Rcrb5tQuPJCp1RDmH9tICAKHjGoiQAQ0
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-