General

  • Target

    f6a4a812c5a6b207c8f6d3802c635ba1e66de8c5b6b2853aead83505918259e5

  • Size

    5.2MB

  • Sample

    240520-fwjczadb87

  • MD5

    5a93e1aeb0f287d217a28199459e080f

  • SHA1

    1358d3cecb737da6e3d364a441a332e7867794c6

  • SHA256

    f6a4a812c5a6b207c8f6d3802c635ba1e66de8c5b6b2853aead83505918259e5

  • SHA512

    95a3e2542429413272427a4edcc8c37f252f29fca3ea33b1514eb79e4810e0727263f30a9221eca6e41533fab045679a8faf669334bc85754bf58369163ef601

  • SSDEEP

    98304:m64PJ0t0Oken4MQROFtU94NJ9Ah4Nuj40bjb1iUm9k2uVZJ/oVA:o1hMhwS6WG40bAz9kFZ7

Targets

  • Detect Socks5Systemz Payload

  • Socks5Systemz

    Socks5Systemz is a botnet written in C++.

  • Executes dropped EXE

  • Loads dropped DLL

  • Unexpected DNS network traffic destination

    Traffic on the DNS port to servers other than the system's configured DNS servers was detected.

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
