General

  • Target

    F98B2D4646C95810DB7AF07535AD6688.exe

  • Size

    4.2MB

  • Sample

    240222-zwgnxsfb41

  • MD5

    f98b2d4646c95810db7af07535ad6688

  • SHA1

    f61d8a911aaa3f79ada6163c133ddd03bffe8806

  • SHA256

    2f63ab6e1fc2c86308284d7e6becebb2b4581b6f520da008d9ea8a558718484a

  • SHA512

    02a3a77c4ac40c13b347c72950e186d2889b9d46becd672b19b584ec752906443ab1f63149770edc49350fb95605cc07cd7b3f00c4ae81bec4f1ae68948c3426

  • SSDEEP

    98304:IaKj6E21RV0hiaIyTZWxOIay7e89CS7+LWTPTscL0:AjVSVqXtW4/UCnW3sT

Targets

    • Target

      F98B2D4646C95810DB7AF07535AD6688.exe

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
