General

  • Target

    8c2a6421b9b1ced8ec6a122e686bdaa7735bcf24184b7e8ba648b4af1a2b0114

  • Size

    3.8MB

  • Sample

    240810-rv7vqaxeqh

  • MD5

    9e95f5d88974884ba8664a01f2f47535

  • SHA1

    f9dec1ce759330bc5826748d015e64bfb2bc633b

  • SHA256

    8c2a6421b9b1ced8ec6a122e686bdaa7735bcf24184b7e8ba648b4af1a2b0114

  • SHA512

    f1451e8d0b96a12b54f4dd6985532d18aa17b906725b354a5570b684fff31d7c9ff65024898a5f7627bcabc080c2527e86f8929480964bc4ec0a5358d943ad6c

  • SSDEEP

    98304:NqwO5PP3bw8IHkoFIsEam3wS2+FewQgYuRX8Z5L8GzAydZ:OnbwwLszm3z2sewQduRsZ5L8GzLP

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks