Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    934d38ab139e0469e714d3564a57804820e25eec9ac83228261706bfe4620626

  • Size

    4.5MB

  • Sample

    240724-kjld1sxbkk

  • MD5

    1daa36cbcb52e593b49dbd2411762e2b

  • SHA1

    00cd18be3187437eb9152c8dd96e8f6386b6e5f9

  • SHA256

    934d38ab139e0469e714d3564a57804820e25eec9ac83228261706bfe4620626

  • SHA512

    74fc869293a3d7b5b08d48a08fa9e2242d3f415dd69bc4db95f3c2a560a79f09a9447bdb456a19d63e831238e661cd11330e0c4bf617087cf4b64a2852aa440e

  • SSDEEP

    98304:CIsgmXXZCkh+kPN/xtaeVDPilMFG1urtWDY0RQiWp/8grmAkRUza7I:xsRXFh+e/6IGlMFXoXKiWpUgxha7I

Score
10/10
socks5systemzbotnetdiscovery

Malware Config

Targets

    • Target

      934d38ab139e0469e714d3564a57804820e25eec9ac83228261706bfe4620626

    • Size

      4.5MB

    • MD5

      1daa36cbcb52e593b49dbd2411762e2b

    • SHA1

      00cd18be3187437eb9152c8dd96e8f6386b6e5f9

    • SHA256

      934d38ab139e0469e714d3564a57804820e25eec9ac83228261706bfe4620626

    • SHA512

      74fc869293a3d7b5b08d48a08fa9e2242d3f415dd69bc4db95f3c2a560a79f09a9447bdb456a19d63e831238e661cd11330e0c4bf617087cf4b64a2852aa440e

    • SSDEEP

      98304:CIsgmXXZCkh+kPN/xtaeVDPilMFG1urtWDY0RQiWp/8grmAkRUza7I:xsRXFh+e/6IGlMFXoXKiWpUgxha7I

    Score
    10/10
    socks5systemzbotnetdiscovery

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

      botnetsocks5systemz

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks