General

  • Target

    b96798ba6c4b259c408f85d6a1767bc1de685ae095c16cc85f03ae8d1ad0bc84

  • Size

    6.1MB

  • Sample

    240530-cjxhaabf65

  • MD5

    feed6d5c3888b1d229996b01da0ea46c

  • SHA1

    94e0cc3825e10eed3d791119b66967da0a6dbaf4

  • SHA256

    b96798ba6c4b259c408f85d6a1767bc1de685ae095c16cc85f03ae8d1ad0bc84

  • SHA512

    a92e3f8f45617e441d5b96d6f0fd0f5b56e49bfa4e2498ee6f21888de15e0ff97db817ac88aba21c604098621abf2007a21470de7a292dfefa6eeaad12d20bc1

  • SSDEEP

    98304:memw9r6XG035iGJiSwp/JRqCsTCB6Vp20HiPt7/WT5ZNlsGCR8cz/dMSm2L4YofV:j92diC8ym6pBCB/WT535CRjyp2cNfzzd

Targets

    • Target

      b96798ba6c4b259c408f85d6a1767bc1de685ae095c16cc85f03ae8d1ad0bc84

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15