General

  • Target

    928c3d92999c4a1181412f0d598c32b8fdaf318c85b8d7e7f7c6f83c3c5296cd

  • Size

    6.8MB

  • Sample

    240602-mlqsmabc66

  • MD5

    4433490e1e6d69766b84ef21c16a27a1

  • SHA1

    6ab521a3b16994142a080fc0ad5fd277c6f71ca4

  • SHA256

    928c3d92999c4a1181412f0d598c32b8fdaf318c85b8d7e7f7c6f83c3c5296cd

  • SHA512

    bbc128e09dee8516dd3e875bae8468f6a81ed164da185c171bbeca836eea01b778d018f54675fc39d497861ef7b3dc54d1d7c34e86982b8cbe952acbbd659e1b

  • SSDEEP

    196608:iuCfe0jumr7wOGwPVxz9N8Rul80ayB87wGhNi:8fTufOGsz9SQ80aC8hvi

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks