General
-
Target
63095576427d0713db4e4a6e5f402510d855de377af629fa738d91c55ea8eaa9
-
Size
5.1MB
-
Sample
240704-r4d9rsxhpk
-
MD5
2429513d4fbfeb80b6f079ffa4c52152
-
SHA1
65dad9871e91686d1375c8d4c0e67b9c30ea1d47
-
SHA256
63095576427d0713db4e4a6e5f402510d855de377af629fa738d91c55ea8eaa9
-
SHA512
2dd4ef14b85f63d0f23875af563e27d29f342c16884296a592e1340d4f6d5fcccde0499b6e0a22ed96ad78aedce75871690b80f2969ee15b874819c0951b5b49
-
SSDEEP
98304:CKx/ui/qu8MAYCWxh+0UkEpQ0S1T8NPOAPv/k01q9Ga4EQx3xw:2i/q1GCoh+0UkEp0ZGH/k0vEQrw
Malware Config
Targets
-
-
Target
63095576427d0713db4e4a6e5f402510d855de377af629fa738d91c55ea8eaa9
-
Size
5.1MB
-
MD5
2429513d4fbfeb80b6f079ffa4c52152
-
SHA1
65dad9871e91686d1375c8d4c0e67b9c30ea1d47
-
SHA256
63095576427d0713db4e4a6e5f402510d855de377af629fa738d91c55ea8eaa9
-
SHA512
2dd4ef14b85f63d0f23875af563e27d29f342c16884296a592e1340d4f6d5fcccde0499b6e0a22ed96ad78aedce75871690b80f2969ee15b874819c0951b5b49
-
SSDEEP
98304:CKx/ui/qu8MAYCWxh+0UkEpQ0S1T8NPOAPv/k01q9Ga4EQx3xw:2i/q1GCoh+0UkEp0ZGH/k0vEQrw
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-