General

  • Target

    cd463caa0bff222a5e30c782cb1b7f0a9b24b9b2f71b990d9dcfe11eb82f35b5

  • Size

    5.2MB

  • Sample

    240628-x3cbnssfnr

  • MD5

    2e6b95f790b937dfbf6ced11b9ef2086

  • SHA1

    42c5bcf0c4e8f051032b067a27d0d4eab49f09fb

  • SHA256

    cd463caa0bff222a5e30c782cb1b7f0a9b24b9b2f71b990d9dcfe11eb82f35b5

  • SHA512

    21c284a6e59219cef3ed029843537530709735e20d877e09fb9af98c022e693d33712df9828a8b45933b66819c01b4965b6fcd871a87549600ed0ec5ac65814d

  • SSDEEP

    98304:C0eIiO3I9YMXusxjCoVdSTHKw2N+FEVIUbkCTQBRR7hfwMYygQxg:tee3I9T+EjCoVdSLwN+ZYeH/fV3gQC

Malware Config

Targets

    • Target

      cd463caa0bff222a5e30c782cb1b7f0a9b24b9b2f71b990d9dcfe11eb82f35b5

    • Size

      5.2MB

    • MD5

      2e6b95f790b937dfbf6ced11b9ef2086

    • SHA1

      42c5bcf0c4e8f051032b067a27d0d4eab49f09fb

    • SHA256

      cd463caa0bff222a5e30c782cb1b7f0a9b24b9b2f71b990d9dcfe11eb82f35b5

    • SHA512

      21c284a6e59219cef3ed029843537530709735e20d877e09fb9af98c022e693d33712df9828a8b45933b66819c01b4965b6fcd871a87549600ed0ec5ac65814d

    • SSDEEP

      98304:C0eIiO3I9YMXusxjCoVdSTHKw2N+FEVIUbkCTQBRR7hfwMYygQxg:tee3I9T+EjCoVdSLwN+ZYeH/fV3gQC

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks