socks5systemz | 82f9a0ba13d63d49a7bc218b6590fa4f2dab7a7d710eb41d70703855bf732e7b | Triage

Submit
Reports

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

Copy URL Twitter E-mail

General

Target

82f9a0ba13d63d49a7bc218b6590fa4f2dab7a7d710eb41d70703855bf732e7b
Size

6.3MB
Sample

240603-zqq1eaab69
MD5

4a2413e32b327c276baf25abd02ee5ff
SHA1

04fd3d43f86955ea2129cb5311b11bf9e28cc3a6
SHA256

82f9a0ba13d63d49a7bc218b6590fa4f2dab7a7d710eb41d70703855bf732e7b
SHA512

db74ddd8d6170b35597587a1f7698572f9e3fdde2d9bd159724bc5c9689d2d0bb709941196cd6bc85e8ba967803fccc6c9be23d91664cedc4fe13d2a2c3489fe
SSDEEP

196608:up7h/M1dLSfL+G5Prrj934LWbqiaid/XX:Md/QdLSyIHJTthn

Score

10^/10

socks5systemz botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

82f9a0ba13d63d49a7bc218b6590fa4f2dab7a7d710eb41d70703855bf732e7b.exe

Resource

win10v2004-20240508-en

socks5systemz botnet discovery

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

82f9a0ba13d63d49a7bc218b6590fa4f2dab7a7d710eb41d70703855bf732e7b.exe

Resource

win11-20240508-en

socks5systemz botnet discovery

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  82f9a0ba13d63d49a7bc218b6590fa4f2dab7a7d710eb41d70703855bf732e7b
- Size
  
  6.3MB
- MD5
  
  4a2413e32b327c276baf25abd02ee5ff
- SHA1
  
  04fd3d43f86955ea2129cb5311b11bf9e28cc3a6
- SHA256
  
  82f9a0ba13d63d49a7bc218b6590fa4f2dab7a7d710eb41d70703855bf732e7b
- SHA512
  
  db74ddd8d6170b35597587a1f7698572f9e3fdde2d9bd159724bc5c9689d2d0bb709941196cd6bc85e8ba967803fccc6c9be23d91664cedc4fe13d2a2c3489fe
- SSDEEP
  
  196608:up7h/M1dLSfL+G5Prrj934LWbqiaid/XX:Md/QdLSyIHJTthn
Score

10^/10

socks5systemz botnet discovery
- Detect Socks5Systemz Payload
- Socks5Systemz
  Socks5Systemz is a botnet written in C++.
  botnet socks5systemz
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socks5systemzbotnetdiscovery

behavioral2

socks5systemzbotnetdiscovery

© 2018-2025

Terms | Privacy