General

  • Target

    3710d7ad0d8308f0ee19b432e9fff981dab0880684971cb63525e6a15978fb89

  • Size

    5.3MB

  • Sample

    240522-asjaxaeg29

  • MD5

    0c23c28ef778db6974b27e8fd55f48ad

  • SHA1

    6a1e0494b55e10a0ff7fba14ba8eb215ac0f4f83

  • SHA256

    3710d7ad0d8308f0ee19b432e9fff981dab0880684971cb63525e6a15978fb89

  • SHA512

    3ebd163a0e648c739703a5b7735b8f818cd0a70235eacd61ae05248ae631ffb905a466aaf5da777356f884d03db9cccc70732f6fed69e52f734f3f44ed1e44b7

  • SSDEEP

    98304:mOgj84Jy01SQjIMjK3+KhmwG3R3gDwLsdTgvHkwOS1wk/CW47I8A372:28400pIMjw+6mf+1gROSOkLiPA372

Targets

    • Target

      3710d7ad0d8308f0ee19b432e9fff981dab0880684971cb63525e6a15978fb89

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
