General

  • Target

    14fd83efa15721e152b8f8fec9af80e0N.exe

  • Size

    4.7MB

  • Sample

    240802-2x23csydnh

  • MD5

    14fd83efa15721e152b8f8fec9af80e0

  • SHA1

    a48186400a0b77829d07950aff9dd797f5170f18

  • SHA256

    5c37bbaf5ef64b987f5e7d2e7ab5696b945ec6b2418e35e476354ed06974d0df

  • SHA512

    5326f0f6cd55cea30681882c5afb7fa309fa01234440916d3e49b0602459ac4428ef0137f8086f6815faebb8ebb31533102283d444c636b029f2da9bd52413f7

  • SSDEEP

    98304:NGj/8Ray4m1LcDZAbcBfFVRe2CRUp3nzwptcN9jbP7ixpq9sdo:YGa1m1LqWCfFVRU4C0vjiTN2

Targets

    • Target

      14fd83efa15721e152b8f8fec9af80e0N.exe

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
