General

  • Target

    60eac553f58bddf1f3345ccf66613c85b4c07eacf7cd0c8ca837696c5f4377ec

  • Size

    5.2MB

  • Sample

    240523-b1at6sha87

  • MD5

    ab48a00dacbdfa61e69a7f3719a9248f

  • SHA1

    86b14dda0168020eac12fd1430e6f7b1e2a52c24

  • SHA256

    60eac553f58bddf1f3345ccf66613c85b4c07eacf7cd0c8ca837696c5f4377ec

  • SHA512

    815df62f070ee1c3eea9839bc1278779b0b7e68e7954c518b0b47372dcc75cb805cb445ce551b59ed835a420a058cf0e1a83d84de5038944931e8b5d08d80ba5

  • SSDEEP

    98304:mce322F55CVuqCIl0wv6LwK6xTPn8muL7YsF9PELbXPn4wIoEsVP0v:Veribl0SuwK658mW7p9kDPnxdPV2
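Before handling a copy of this sample it is worth confirming that the file in hand is the one the report describes. The following is an added example, not part of the report or of the sandbox's own tooling: it recomputes the four digests in one streaming pass, checks the report's listed values are well-formed, and splits the ssdeep signature so the block size (98304 here) can be compared with another signature's; ssdeep only yields a meaningful score when the two block sizes are equal or differ by exactly a factor of two. The digest strings are copied from the General section above; the test inputs (`b""`, `b"abc"`) are constructed.

```python
import hashlib
import re
from typing import Dict, List, Tuple

# Digests copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "ab48a00dacbdfa61e69a7f3719a9248f",
    "sha1": "86b14dda0168020eac12fd1430e6f7b1e2a52c24",
    "sha256": "60eac553f58bddf1f3345ccf66613c85b4c07eacf7cd0c8ca837696c5f4377ec",
    "sha512": "815df62f070ee1c3eea9839bc1278779b0b7e68e7954c518b0b47372dcc75cb805cb445ce551b59ed835a420a058cf0e1a83d84de5038944931e8b5d08d80ba5",
}
REPORT_SSDEEP = "98304:mce322F55CVuqCIl0wv6LwK6xTPn8muL7YsF9PELbXPn4wIoEsVP0v:Veribl0SuwK658mW7p9kDPnxdPV2"

# Expected hex-digest length (digest bytes * 2) per algorithm.
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
CHUNK = 1 << 20  # 1 MiB read size; keeps memory flat on a 5.2 MB sample


def _digest_all(pieces) -> Dict[str, str]:
    """Feed every piece to all four hashers so the input is traversed only once."""
    hashers = {name: hashlib.new(name) for name in HEX_LENGTHS}
    for piece in pieces:
        for h in hashers.values():
            h.update(piece)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compute_hashes(data: bytes) -> Dict[str, str]:
    """Digest an in-memory byte string in CHUNK-sized slices."""
    view = memoryview(data)
    return _digest_all(view[i:i + CHUNK] for i in range(0, len(view), CHUNK))


def compute_hashes_for_file(path: str) -> Dict[str, str]:
    """Digest a file from disk, streaming so it is read exactly once."""
    with open(path, "rb") as fh:
        return _digest_all(iter(lambda: fh.read(CHUNK), b""))


def validate_report_hashes(hashes: Dict[str, str]) -> List[str]:
    """Return problems found (empty when each digest is lowercase hex of the right length)."""
    problems = []
    for name, length in HEX_LENGTHS.items():
        value = hashes.get(name)
        if value is None:
            problems.append(f"{name}: missing")
        elif not re.fullmatch(rf"[0-9a-f]{{{length}}}", value):
            problems.append(f"{name}: malformed ({value!r})")
    return problems


def verify_sample(data: bytes, expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match between the bytes in hand and the report's digests."""
    actual = compute_hashes(data)
    return {name: actual[name] == expected[name].lower() for name in expected}


def parse_ssdeep(signature: str) -> Tuple[int, str, str]:
    """Split an ssdeep signature into (block size, chunk, double-block chunk)."""
    block, chunk, double_chunk = signature.split(":", 2)
    return int(block), chunk, double_chunk


def ssdeep_comparable(sig_a: str, sig_b: str) -> bool:
    """ssdeep scores two signatures only if their block sizes are equal or differ by 2x;
    otherwise the comparison is 0 regardless of content, so check this before trusting a low score."""
    a, b = parse_ssdeep(sig_a)[0], parse_ssdeep(sig_b)[0]
    return a == b or a == 2 * b or b == 2 * a


if __name__ == "__main__":
    import sys
    print("report digests well-formed:", validate_report_hashes(REPORT_HASHES) == [])
    if len(sys.argv) > 1:  # usage: python verify.py <path-to-sample>
        got = compute_hashes_for_file(sys.argv[1])
        for name in HEX_LENGTHS:
            print(f"{name}: {'OK' if got[name] == REPORT_HASHES[name] else 'MISMATCH'}")
```

A mismatch on any one digest means the file is not the reported sample (or the report's value was mis-transcribed); a match on SHA256 alone is sufficient in practice, the others are listed because other tooling may only expose MD5 or SHA1.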

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++; infected hosts are turned into SOCKS5 proxy nodes.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) to servers other than the sandbox's configured DNS resolvers was detected.

    • Checks installed software on the system

      Enumerates installed software by reading the subkeys of the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU equivalents).
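The behavioural signatures listed above are each a rule evaluated over the sandbox's event trace. The following is an added example, not part of the report or of the sandbox's own signature engine, showing how the four generic ones (dropped EXE executed, dropped DLL loaded, port-53 traffic to a non-configured resolver, Uninstall-key enumeration) can be expressed as functions over a flat event list. The event schema, the process IDs, paths and addresses, and the configured resolver 10.0.0.2 are all constructed for the example; the two dropped-file rules deliberately respect event order, so a file executed before it was written does not count.

```python
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sandbox event trace (hypothetical flat schema, not the sandbox's own
# format). Each dict is one observed action by the sample (pid 1000) or its child.
SAMPLE_EVENTS: List[dict] = [
    {"type": "file_write", "pid": 1000, "path": r"C:\Users\user\AppData\Local\Temp\svc.exe"},
    {"type": "file_write", "pid": 1000, "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"type": "process_create", "pid": 1000, "child_pid": 1001,
     "image": r"C:\Users\user\AppData\Local\Temp\SVC.EXE"},
    {"type": "load_library", "pid": 1001, "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"type": "load_library", "pid": 1001, "path": r"C:\Windows\System32\ws2_32.dll"},
    {"type": "registry_query", "pid": 1001,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
    {"type": "registry_query", "pid": 1001,
     "key": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome"},
    {"type": "registry_query", "pid": 1001, "key": r"HKCU\Software\Classes"},
    {"type": "network", "pid": 1001, "proto": "udp", "dst": "10.0.0.2", "dport": 53},
    {"type": "network", "pid": 1001, "proto": "udp", "dst": "203.0.113.7", "dport": 53},
    {"type": "network", "pid": 1001, "proto": "tcp", "dst": "203.0.113.7", "dport": 443},
]

# Resolvers the sandbox VM is configured to use (constructed for this example).
CONFIGURED_DNS: Set[str] = {"10.0.0.2"}
# Matches the native, WOW6432Node and HKCU variants of the Uninstall key alike.
UNINSTALL_MARKER = "\\currentversion\\uninstall\\"


def _norm(path: str) -> str:
    """Windows paths and registry keys are case-insensitive; compare lower-cased."""
    return path.lower()


def unexpected_dns_destinations(events: Iterable[dict], configured_dns: Set[str]) -> List[str]:
    """Distinct hosts that received port-53 traffic but are not configured resolvers.
    Such traffic usually means the sample carries its own resolver list or tunnels C2 over port 53."""
    seen: List[str] = []
    for ev in events:
        if (ev["type"] == "network" and ev.get("dport") == 53
                and ev["dst"] not in configured_dns and ev["dst"] not in seen):
            seen.append(ev["dst"])
    return seen


def uninstall_keys_queried(events: Iterable[dict]) -> List[str]:
    """Registry reads beneath any ...\\CurrentVersion\\Uninstall\\ key."""
    return [ev["key"] for ev in events
            if ev["type"] == "registry_query" and UNINSTALL_MARKER in _norm(ev["key"])]


def dropped_file_use(events: Iterable[dict]) -> Tuple[List[str], List[str]]:
    """Correlate file writes with later execution/loading of the same path.
    Returns (executed dropped EXEs, loaded dropped DLLs); order matters, so a single pass."""
    dropped: Set[str] = set()
    exes: List[str] = []
    dlls: List[str] = []
    for ev in events:
        if ev["type"] == "file_write":
            dropped.add(_norm(ev["path"]))
        elif ev["type"] == "process_create" and _norm(ev["image"]) in dropped:
            exes.append(ev["image"])
        elif ev["type"] == "load_library" and _norm(ev["path"]) in dropped:
            dlls.append(ev["path"])
    return exes, dlls


def run_signatures(events: List[dict], configured_dns: Set[str] = CONFIGURED_DNS) -> Dict[str, List[str]]:
    """Evaluate the report's behavioural signatures; only the ones that fire are returned,
    keyed by the signature name used in the report, with the matching evidence as value."""
    exes, dlls = dropped_file_use(events)
    results = {
        "Executes dropped EXE": exes,
        "Loads dropped DLL": dlls,
        "Unexpected DNS network traffic destination": unexpected_dns_destinations(events, configured_dns),
        "Checks installed software on the system": uninstall_keys_queried(events),
    }
    return {name: hits for name, hits in results.items() if hits}


if __name__ == "__main__":
    for name, hits in run_signatures(SAMPLE_EVENTS).items():
        print(f"[+] {name}: {hits}")
```

The Socks5Systemz payload signature is family-specific (it keys on the payload's own code or configuration rather than on behaviour) and is not reproduced here. When porting this to real sandbox output, the main pitfall is the resolver allow-list: if the VM's DNS server is not in `configured_dns`, every lookup fires the DNS rule and the signal is lost.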

MITRE ATT&CK Enterprise v15

Tasks