General

  • Target

    79dbea223477d53051efdc11a3a9ea453ff05b6801d47af847f2b766e4f83336

  • Size

    4.4MB

  • Sample

    240810-wt6y9a1dnq

  • MD5

    14c3686e04af406dbc1b8387a03cf129

  • SHA1

    56ef670c09a5c388858c831ff852a14534faba21

  • SHA256

    79dbea223477d53051efdc11a3a9ea453ff05b6801d47af847f2b766e4f83336

  • SHA512

    664cd1ccf7b840f86adbc77b4d42a75602d2deb1274afdb8b3d01aeb099c8c5b4096b7a04cdc480157266d6c097ad7e3a3416cb5948c7b23715c6762e05157b9

  • SSDEEP

    98304:NgRH+/mYa01Y8epn4CUa5+B9NdbmqBKDhkj+B4HVdZ:7Fa0+4CULfdRMmj+a1P

Targets

  • Detect Socks5Systemz Payload

  • Socks5Systemz

    Socks5Systemz is a botnet written in C++.

  • Executes dropped EXE

  • Loads dropped DLL

  • Unexpected DNS network traffic destination

    Network traffic to servers other than the configured DNS servers was detected on the DNS port.

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v15