General
-
Target
15caa4ddbdb583eed7faac2daaf0a07366e0054e944c6a2f729c446b3574bdb3
-
Size
5.3MB
-
Sample
240704-rr2jjaxgrm
-
MD5
14fdf21c143074a8604e82de9fa845b7
-
SHA1
69c1e5ab0d0612ce876d7f8663c4b6fd0195cb97
-
SHA256
15caa4ddbdb583eed7faac2daaf0a07366e0054e944c6a2f729c446b3574bdb3
-
SHA512
0fa8721b26ec4f038b74c6ddbe32fde579fe3c68b9d6f783a2937533e2585aeb240982ca2e40e8b477c0084c56e01249bcf96da5e8565b6103d058c0756c2220
-
SSDEEP
98304:CQtOnYXAxgMZYkwSOiuPb8e0ZWTZxRIV1bYBkKcJdO7LJ5Qx3xw:wnYwxNZY7iuTbTZxR6FGkKF5Qrw
Malware Config
Targets
-
-
Target
15caa4ddbdb583eed7faac2daaf0a07366e0054e944c6a2f729c446b3574bdb3
-
Size
5.3MB
-
MD5
14fdf21c143074a8604e82de9fa845b7
-
SHA1
69c1e5ab0d0612ce876d7f8663c4b6fd0195cb97
-
SHA256
15caa4ddbdb583eed7faac2daaf0a07366e0054e944c6a2f729c446b3574bdb3
-
SHA512
0fa8721b26ec4f038b74c6ddbe32fde579fe3c68b9d6f783a2937533e2585aeb240982ca2e40e8b477c0084c56e01249bcf96da5e8565b6103d058c0756c2220
-
SSDEEP
98304:CQtOnYXAxgMZYkwSOiuPb8e0ZWTZxRIV1bYBkKcJdO7LJ5Qx3xw:wnYwxNZY7iuTbTZxR6FGkKF5Qrw
Score10/10-
Detect Socks5Systemz Payload
-
Socks5Systemz
Socks5Systemz is a botnet written in C++.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-