General

  • Target

    cede964e488f29fb04cf6214166255626d2e1262c1663b24cea3f61f7474595f

  • Size

    2.6MB

  • Sample

    240914-fzfq9ayblp

  • MD5

    ad9411717e129ff618317807f69b1a9d

  • SHA1

    f97f92ffa72270d06f6a9a3ca36c436431da1461

  • SHA256

    cede964e488f29fb04cf6214166255626d2e1262c1663b24cea3f61f7474595f

  • SHA512

    e5132433f2305787dc82b994356877050e9bfa17bf113216930a2f95777b74e3794fe3c5d8651003de61ae12ddfae5a1b5ecdb613d02148c09c14d1accd076e2

  • SSDEEP

    49152:1v0jASg1Wec4K3MXBuf4VSpEjE439tzLiHpXKK2CnVu+G2FUAciqyyRPsCzzid:NsfOs3SB4qh9tzLiHpXKK2MVpUANq7Xi

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) to servers other than the DNS servers configured for the sandbox host was detected. This typically indicates a hard-coded resolver or a non-DNS protocol carried over port 53.

    • Checks installed software on the system

      Enumerates the subkeys of the registry Uninstall keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart) to list the software installed on the host.
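
The "Unexpected DNS network traffic destination" signature above reduces to a simple check over flow records: any outbound flow with destination port 53 whose destination is not one of the configured resolvers. The block below is an added example of that check, written for this page and not the sandbox's own signature code; the flow records, their six-field layout (src dst proto sport dport bytes), and the resolver address 10.127.0.1 are all constructed assumptions.

```python
"""Flag DNS-port traffic that does not go to the configured resolvers.

Added example, not the sandbox's own signature logic. The flow record
layout and all addresses below are constructed for illustration.
"""
from __future__ import annotations

import ipaddress
from collections import defaultdict
from dataclasses import dataclass

DNS_PORT = 53

# Constructed flow records in an assumed layout: src dst proto sport dport bytes
SAMPLE_FLOWS = [
    "10.127.0.15 10.127.0.1 udp 49152 53 74",       # lookup to the configured resolver
    "10.127.0.15 10.127.0.1 udp 49153 53 212",
    "10.127.0.15 8.8.8.8 udp 49154 53 61",          # hard-coded public resolver
    "10.127.0.15 203.0.113.40 tcp 49155 53 1460",   # TCP/53 to a non-resolver
    "10.127.0.15 203.0.113.40 tcp 49156 53 4096",
    "10.127.0.15 93.184.216.34 tcp 49157 443 2310", # HTTPS, not DNS
    "10.127.0.1 10.127.0.15 udp 53 49152 150",      # resolver's reply: sport 53, not dport
]
CONFIGURED_RESOLVERS = {"10.127.0.1"}  # assumed sandbox resolver


@dataclass(frozen=True)
class Flow:
    src: ipaddress.IPv4Address | ipaddress.IPv6Address
    dst: ipaddress.IPv4Address | ipaddress.IPv6Address
    proto: str
    sport: int
    dport: int
    nbytes: int


def parse_flow(line: str) -> Flow | None:
    """Parse one record; return None for lines that do not fit the layout."""
    parts = line.split()
    if len(parts) != 6:
        return None
    try:
        return Flow(
            ipaddress.ip_address(parts[0]),
            ipaddress.ip_address(parts[1]),
            parts[2].lower(),
            int(parts[3]),
            int(parts[4]),
            int(parts[5]),
        )
    except ValueError:
        return None


def find_unexpected_dns(lines, resolvers):
    """Return (dst, flow_count, total_bytes, protocols) for every destination
    that received port-53 traffic but is not inside the allowed resolver set.
    Resolvers may be single addresses or CIDR ranges."""
    nets = [ipaddress.ip_network(r, strict=False) for r in resolvers]
    hits = defaultdict(lambda: {"flows": 0, "bytes": 0, "protocols": set()})
    for line in lines:
        flow = parse_flow(line)
        # Only outbound DNS-port traffic matters; replies have sport 53 and are skipped.
        if flow is None or flow.dport != DNS_PORT:
            continue
        if any(flow.dst in net for net in nets):
            continue
        entry = hits[str(flow.dst)]
        entry["flows"] += 1
        entry["bytes"] += flow.nbytes
        entry["protocols"].add(flow.proto)
    return sorted(
        (dst, e["flows"], e["bytes"], tuple(sorted(e["protocols"])))
        for dst, e in hits.items()
    )


if __name__ == "__main__":
    for dst, n, total, protos in find_unexpected_dns(SAMPLE_FLOWS, CONFIGURED_RESOLVERS):
        print(f"{dst}: {n} flow(s), {total} bytes, {'/'.join(protos)}")
```

Aggregating per destination rather than per flow keeps the finding readable when a tunnel produces thousands of port-53 flows, and the byte total is what separates a stray lookup to a public resolver from bulk data moving over TCP/53.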

MITRE ATT&CK Enterprise v15

Tasks