General

  • Target

    d0ed306e5ab9781e53f4caeaa5c591e0N.exe

  • Size

    4.3MB

  • Sample

    240803-x4dacsxdlh

  • MD5

    d0ed306e5ab9781e53f4caeaa5c591e0

  • SHA1

    74421bf5e445f2a43f90f03a0cb9c886f7bb8e06

  • SHA256

    17df4bc816b0f19e2d43b1fae117e7485f5645a9ca4a869325716df4b9fc1160

  • SHA512

    f7874e3e1194fed1944efb3aad4540f733e6400fa125ef86a60338654cfdd7b95a8bf77f0777ed56c382688409f914908fc81f4834ee72773698f37fce3de6cd

  • SSDEEP

    98304:NKgPlOGOkreOoPkAH96/qxr99gxkVX69/LfLKEdQ:w/OoPkALR9y22tm

Targets

    • Target

      d0ed306e5ab9781e53f4caeaa5c591e0N.exe

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
