General

  • Target

    356da454a519f051545031d9d9275e39cfa01b805a8a4b8980087098e917bd18

  • Size

    6.3MB

  • Sample

    240606-3ayl4add8w

  • MD5

    fb03b47daf0824c880e985cbde417da0

  • SHA1

    7391570672f2490f0c3b963989df38e0411fe444

  • SHA256

    356da454a519f051545031d9d9275e39cfa01b805a8a4b8980087098e917bd18

  • SHA512

    f2ae64f6b926b933d63c49b6d5149c239d53c76bc2befc35e50b0f999b8e26d6db4b80f2111474ca944f505ffb89e67e0d7f46c96c679c17371bd16357e22ed3

  • SSDEEP

    98304:mo+m5TkvqhgbIbps7T3T8feReMaEpYCsoX59s6Up4JwViRIHDYN187dKwpUXi4nB:tXANbIbCL8ueYT9mQvRQYMbeVB

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks