General

  • Target

    510e48fe726057e9b7ada724cf6307d7ce5ba208701a22816595077b3ee3c048

  • Size

    5.2MB

  • Sample

    240527-h8tetacc9s

  • MD5

    a7257095cdb9da1ba9b06b41255fa8e8

  • SHA1

    cc8774e63ca25827e58cb9f4bbd886a6d43af2c4

  • SHA256

    510e48fe726057e9b7ada724cf6307d7ce5ba208701a22816595077b3ee3c048

  • SHA512

    e5dc5f6513f9bc88a0ea16fe026947422be63790825ff4139e19104cefa8152c08ff5990d0f5f554748b45cc3747906b1d151993944c35d796ac23e31ebaf6b2

  • SSDEEP

    98304:mBXyRZ3+uVyt7Ef8P42TwA80mysxzSdNuxb5m7r8Io04A64OU64zn:+Xyg02S81IxzAMb5m7r8Io0QVU647

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks