General

  • Target

    7149f6e65872a3c0477caaaaeb1f62cf93ccf0f25da943d0062d598f4ca9508f

  • Size

    5.9MB

  • Sample

    240529-3h6mnsfa69

  • MD5

    a300e8cde21894f962b36a6af7e703d2

  • SHA1

    91dbab4dbd217f8b8d98d49efb6fef089eb79367

  • SHA256

    7149f6e65872a3c0477caaaaeb1f62cf93ccf0f25da943d0062d598f4ca9508f

  • SHA512

    3ff064f691e88f9c4f749bf39c307d5bcfcddef824f75d3bee50b4f7d8bc2276c09fd7ca181612b0c3c6873ea7dc85c1e0a2422d94a06807aa5ffd00445377a9

  • SSDEEP

    98304:mleJLqVskWv8hZinZ2W5xuYACWd6t/l2MASazepRdSbBwuPh+wMlEFYM:V1NkWv8h9W5hWd6t/BRaz0Eb5+dOFz

Malware Config

Targets

    • Target

      7149f6e65872a3c0477caaaaeb1f62cf93ccf0f25da943d0062d598f4ca9508f

    • Size

      5.9MB

    • MD5

      a300e8cde21894f962b36a6af7e703d2

    • SHA1

      91dbab4dbd217f8b8d98d49efb6fef089eb79367

    • SHA256

      7149f6e65872a3c0477caaaaeb1f62cf93ccf0f25da943d0062d598f4ca9508f

    • SHA512

      3ff064f691e88f9c4f749bf39c307d5bcfcddef824f75d3bee50b4f7d8bc2276c09fd7ca181612b0c3c6873ea7dc85c1e0a2422d94a06807aa5ffd00445377a9

    • SSDEEP

      98304:mleJLqVskWv8hZinZ2W5xuYACWd6t/l2MASazepRdSbBwuPh+wMlEFYM:V1NkWv8h9W5hWd6t/BRaz0Eb5+dOFz

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks