General

  • Target

    5458fad1cce419b174b90b38d788ec14fc0a8fe079141a6ee2a87575f5bd4867

  • Size

    4.0MB

  • Sample

    240811-j72kgasapr

  • MD5

    d262d4d39c160e8b1f19a656c8b3a933

  • SHA1

    ab47c7149ac440e0f633529bc305b12487c7624b

  • SHA256

    5458fad1cce419b174b90b38d788ec14fc0a8fe079141a6ee2a87575f5bd4867

  • SHA512

    ffa7c43394774e043a1808b39f5cdbd7def57bfa21880a7caf1a220676c8059dffc40eeb46826160ad274628012c20cd3172ce366053d4406e23e0d59885fc8f

  • SSDEEP

    98304:NiKTHvmlglk1ORB9PTnsd71hS/EB0rLMioW0/LKsDiUfpNaS1KldRR:cKTPmlga1mZsBWLiW0DNf7Ad

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks