socks5systemz | 3f812e3776bc2a73ff2bdeeb8aca47d0b726db8172a83f3d7c0c80c1dd1f539b | Triage

Submit
Reports

Overview

overview

Static

static

3

3f812e3776...bN.exe

windows7-x64

3f812e3776...bN.exe

windows10-2004-x64

Sharing

General

Target

3f812e3776bc2a73ff2bdeeb8aca47d0b726db8172a83f3d7c0c80c1dd1f539bN
Size

3.0MB
Sample

241002-bpa1sszdpn
MD5

6976c2f4eb0fc3e23386810a612a85e0
SHA1

16083d6b107d37c5167317c73b4a88529053dbfc
SHA256

3f812e3776bc2a73ff2bdeeb8aca47d0b726db8172a83f3d7c0c80c1dd1f539b
SHA512

d20f2c0c8ae1c7c036db38942be69b3deeffd596163c56350f5d7cb61577fa06e9625ac87c20e4bd24bdf6d39815b93b81e7dce9f1399c0282e0c4cec7f30303
SSDEEP

49152:C9MrGktlzGTbi813f23CG5Pckw8rx/0osmuwz55MXEc1xhT/+tzSHRGm6:MMrz/zUzNfZG5dhrx/1Vu8M0CV/L2

Score

10^/10

socks5systemz botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3f812e3776bc2a73ff2bdeeb8aca47d0b726db8172a83f3d7c0c80c1dd1f539bN.exe

Resource

win7-20240708-en

socks5systemz botnet discovery

windows7-x64

9 signatures

120 seconds

Behavioral task

behavioral2

Sample

3f812e3776bc2a73ff2bdeeb8aca47d0b726db8172a83f3d7c0c80c1dd1f539bN.exe

Resource

win10v2004-20240802-en

socks5systemz botnet discovery

windows10-2004-x64

9 signatures

120 seconds

Malware Config

Targets

- Target
  
  3f812e3776bc2a73ff2bdeeb8aca47d0b726db8172a83f3d7c0c80c1dd1f539bN
- Size
  
  3.0MB
- MD5
  
  6976c2f4eb0fc3e23386810a612a85e0
- SHA1
  
  16083d6b107d37c5167317c73b4a88529053dbfc
- SHA256
  
  3f812e3776bc2a73ff2bdeeb8aca47d0b726db8172a83f3d7c0c80c1dd1f539b
- SHA512
  
  d20f2c0c8ae1c7c036db38942be69b3deeffd596163c56350f5d7cb61577fa06e9625ac87c20e4bd24bdf6d39815b93b81e7dce9f1399c0282e0c4cec7f30303
- SSDEEP
  
  49152:C9MrGktlzGTbi813f23CG5Pckw8rx/0osmuwz55MXEc1xhT/+tzSHRGm6:MMrz/zUzNfZG5dhrx/1Vu8M0CV/L2
Score

10^/10

socks5systemz botnet discovery
- Detect Socks5Systemz Payload
- Socks5Systemz
  Socks5Systemz is a botnet written in C++.
  botnet socks5systemz
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socks5systemzbotnetdiscovery

behavioral2

socks5systemzbotnetdiscovery

© 2018-2024

Terms | Privacy