General

  • Target

    8421b365a24537951094406b593289099de2190d9dc0a431bad056547ac3f4e7

  • Size

    4.2MB

  • Sample

    241031-jgsjwateqc

  • MD5

    196720168edf48e885fedab73f19b157

  • SHA1

    66fcbc80fc91bc9076b813f54640e903ba556fe8

  • SHA256

    8421b365a24537951094406b593289099de2190d9dc0a431bad056547ac3f4e7

  • SHA512

    dc8f61272a729edd52b2559a984f1d54cf6297583e5fb7b5f403e0c92f4d6845ec0e41b825668924dd1d42127f6793c559b2fae9a5b88a0d8d650e8bff2d7758

  • SSDEEP

    98304:IU3QEdIQv2xkFlooyA7Hpz9bQwYCTCEUTT5WDzPdPS:fIQexSlmkpxQwTNUTgH4

Malware Config

Targets

    • Target

      8421b365a24537951094406b593289099de2190d9dc0a431bad056547ac3f4e7

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15
