General

  • Target

    46e9c880dbe01f9535de75eb471bb8cae457535b41281c137fd6f6f6d26443c4

  • Size

    4.1MB

  • Sample

    240803-lfvnysyhkn

  • MD5

    c7f15dec0ce20297917dd32d93a9475e

  • SHA1

    0b85b3184dcdde9bf85bae96559d333c31a9b23c

  • SHA256

    46e9c880dbe01f9535de75eb471bb8cae457535b41281c137fd6f6f6d26443c4

  • SHA512

    51d8c09882f32341949907a3abce5390d8b3c94a58111e1b6baa6bbdc51b18c517ab01d4ed11e5780dd5851720ed2690fadf7c783017ffa4c4bd770c194424f3

  • SSDEEP

    98304:NqBx45myShWu09Cu0BT2frM2O48iL6V73V4RC+QIiGPWLH474X63w0Ido:xrSW7UT2fUTVzRzbLH474XUw0Iy

Targets

    • Target

      46e9c880dbe01f9535de75eb471bb8cae457535b41281c137fd6f6f6d26443c4

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      DNS-port traffic to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
