General

  • Target: 22aee22dda57ee1891a90019d4e84a173c73dcdc12f74d0064c6439fb4f4c81d

  • Size: 3.5MB

  • Sample: 240919-c7x4qaxbkn

  • MD5: c1e8826c0e62242106b67a1b00441c82

  • SHA1: 0a19ae118933d63083a61d2fdd907dafe2b7ce8c

  • SHA256: 22aee22dda57ee1891a90019d4e84a173c73dcdc12f74d0064c6439fb4f4c81d

  • SHA512: 5e21aef12e9c073a86cece577b2fd8d8780de1d613a90e5be72b035d04d88b3778e401af6d1091fb9ca60b1d4172fa6a68c8a6e61750efd60f32e0d042ec7956

  • SSDEEP: 98304:9/wAkPaQ0+MHU89Lz8zvTUHYWNgUW29xTJ1:dwJ50FHU8pz8bgxNz9hJ1

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks