Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    edc3373a5f607d11d498e86367b3c341cd565109cae42ad1b6049486800b7086

  • Size

    4.6MB

  • Sample

    240523-gt1d5sga2w

  • MD5

    376cb55898e8e7db7bb6b266a255fba9

  • SHA1

    c206c9a5423f591f4b9a44309a04d3a8b15b452c

  • SHA256

    edc3373a5f607d11d498e86367b3c341cd565109cae42ad1b6049486800b7086

  • SHA512

    711732798526ce0934a7e171c41f7717e8dac139760d766692ccb529918e252200ee86ed24f0ec23c5a2932d7664f3f4765cf4fed5f8e48f12fdc421cf268105

  • SSDEEP

    98304:mVFdzgMlvdfxNvBo58mWZ56PbEysBC++fw7/R2AdbJRDw:w5VdvvBoChWbEyY+oLgAdbJRDw

Score
10/10
socks5systemzbotnetdiscovery

Malware Config

Targets

    • Target

      edc3373a5f607d11d498e86367b3c341cd565109cae42ad1b6049486800b7086

    • Size

      4.6MB

    • MD5

      376cb55898e8e7db7bb6b266a255fba9

    • SHA1

      c206c9a5423f591f4b9a44309a04d3a8b15b452c

    • SHA256

      edc3373a5f607d11d498e86367b3c341cd565109cae42ad1b6049486800b7086

    • SHA512

      711732798526ce0934a7e171c41f7717e8dac139760d766692ccb529918e252200ee86ed24f0ec23c5a2932d7664f3f4765cf4fed5f8e48f12fdc421cf268105

    • SSDEEP

      98304:mVFdzgMlvdfxNvBo58mWZ56PbEysBC++fw7/R2AdbJRDw:w5VdvvBoChWbEyY+oLgAdbJRDw

    Score
    10/10
    socks5systemzbotnetdiscovery

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

      botnetsocks5systemz

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks