General

  • Target

    d19259f947fa51897af848841af56cac8195b66d1c23db23347936248a5071c8

  • Size

    4.8MB

  • Sample

    240607-b5vp5sgf75

  • MD5

    95cdd4acc94a2a915f3cff3e07aa9491

  • SHA1

    b54601f39978e3428ec7daece9245c2c2a2e5726

  • SHA256

    d19259f947fa51897af848841af56cac8195b66d1c23db23347936248a5071c8

  • SHA512

    16ef5330ba1175d01e7c9182287463b35abc265150fe93e1ee2cbac3ee0f84ef991a8cf90fe173194cb7222a10843135f6d236f6e8eb25ae338e11311f487c79

  • SSDEEP

    98304:mzraY+eARtaMWM0Q2wqzQ+7VK42UqtjC76b5uBwWI2Jmt0K0RIV5N:WvzA3hWQ2w6B/2rtjXbctg0KQ6N

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks