General

  • Target

    e82be53e29c08a29c34892697dccfe7de8dd9733c3b67431b895d861e49e7a26

  • Size

    4.9MB

  • Sample

    240721-xd8ctascpl

  • MD5

    8abc79f276754a7faceac501d888efc9

  • SHA1

    4f4bc427e086bd0cf0119b6092a5d0bc2ec6ec9b

  • SHA256

    e82be53e29c08a29c34892697dccfe7de8dd9733c3b67431b895d861e49e7a26

  • SHA512

    a91010ea7e6d8229e4dccf278d42609a0bd01bb428dea04280a2bda154efcecc587c7a1cca15411d88cda39dcf6d5756587e35abc5651ae7130472603589a07f

  • SSDEEP

    98304:C6wL3eQWgOMUuyV4dogKG+0IBiU2ylYzMQAe4+CTbESdp8KZy7P2cvLDCy0Tjpb7:7wapgOvjVrvG+V25QQ2+cXFZ0Riy0vjR

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks