socks5systemz | 8903dfc7a469319110892ee5f916640295c512103cce561f0ae672e3cc782123 | Triage

Submit
Reports

Overview

overview

Static

static

3

cryptolaemus

windows10-2004-x64

cryptolaemus

windows11-21h2-x64

Sharing

General

Target

8903dfc7a469319110892ee5f916640295c512103cce561f0ae672e3cc782123
Size

5.3MB
Sample

240712-l2bg7sydnn
MD5

5681d1afee58e61efe4493b71a8f27ff
SHA1

f4edfc0ec4eb7560d9c657fd16cc3c7824daf188
SHA256

8903dfc7a469319110892ee5f916640295c512103cce561f0ae672e3cc782123
SHA512

dc56e887eb3dd0d9070f75eb243abf603e7e93e644d8cd263d4fbd7ed3c775f51b9d94c1b380c629c69a26996a42293e1ef61ee2ea7019339641d576cdd4197f
SSDEEP

98304:CdI1L3SiPYEdu/qUFR3THIk+HofBAdyDz8MYQxY:Uspguu/pvA238dQW

Score

10^/10

socks5systemz botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8903dfc7a469319110892ee5f916640295c512103cce561f0ae672e3cc782123.exe

Resource

win10v2004-20240709-en

socks5systemz botnet discovery

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8903dfc7a469319110892ee5f916640295c512103cce561f0ae672e3cc782123.exe

Resource

win11-20240709-en

socks5systemz botnet discovery

windows11-21h2-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  8903dfc7a469319110892ee5f916640295c512103cce561f0ae672e3cc782123
- Size
  
  5.3MB
- MD5
  
  5681d1afee58e61efe4493b71a8f27ff
- SHA1
  
  f4edfc0ec4eb7560d9c657fd16cc3c7824daf188
- SHA256
  
  8903dfc7a469319110892ee5f916640295c512103cce561f0ae672e3cc782123
- SHA512
  
  dc56e887eb3dd0d9070f75eb243abf603e7e93e644d8cd263d4fbd7ed3c775f51b9d94c1b380c629c69a26996a42293e1ef61ee2ea7019339641d576cdd4197f
- SSDEEP
  
  98304:CdI1L3SiPYEdu/qUFR3THIk+HofBAdyDz8MYQxY:Uspguu/pvA238dQW
Score

10^/10

socks5systemz botnet discovery
- Detect Socks5Systemz Payload
- Socks5Systemz
  Socks5Systemz is a botnet written in C++.
  botnet socks5systemz
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socks5systemzbotnetdiscovery

behavioral2

socks5systemzbotnetdiscovery

© 2018-2025

Terms | Privacy