General

  • Target

    4aebd52900641aeb9163b1aa26f34f0a37070befddf43e3f7fac9dc1d3042ed4

  • Size

    3.8MB

  • Sample

    240810-fzx1jaxdkp

  • MD5

    62373581f61aa98404fc7efbd98fc3ed

  • SHA1

    356081e3a2e6cc8f51b6edb2ca309a9525bd8406

  • SHA256

    4aebd52900641aeb9163b1aa26f34f0a37070befddf43e3f7fac9dc1d3042ed4

  • SHA512

    e25eb8ad22c4ec31dd5724def6090876f924418c496341e1683575f2b82bae1f6685f1fc177cf73091265339936994dcf00da1b07055272749f6f18d51a81c55

  • SSDEEP

    98304:NeP5bNpTjW9tQvintnHHxcYuToBSKPzjAdmdn8G:2NpTjaQqnFCowYjAdmT

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks