General

  • Target

    46942807c6c4a9a9fd87e0e352bd8f46c6242dfee5ec495ca1921e4909e2287d

  • Size

    6.1MB

  • Sample

    240604-y7y7nsba93

  • MD5

    cd0bd69001964b45b7a22a5987c6060a

  • SHA1

    57d027366e3a1fa14d8e86f3aefb92b19203dc28

  • SHA256

    46942807c6c4a9a9fd87e0e352bd8f46c6242dfee5ec495ca1921e4909e2287d

  • SHA512

    df44ba876f9c329d3fa83f68972c8a0694a34f5ece225326a89ab67f80a72e07ca756c30ead75c7fbecc454d9abd53590ab7f36f14a4dd17804ed87300c48ad6

  • SSDEEP

    196608:f+A71NUKQ2HtwigO7BtkEvlU4QA7WOElwalaBhlabtOA:7NUK1Nwip7Bm2fbWdlwJ7mb

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks