General

  • Target

    b48793592f90afef41d909b85d418d190937b85d8d333d92d7958c0147ffcf90

  • Size

    4.2MB

  • Sample

    241031-kvze1svhql

  • MD5

    e16ba90fa4d97453c7f8a9eb86c64243

  • SHA1

    9a6b08ae65e54ccf7bb9878e350f732d78a48533

  • SHA256

    b48793592f90afef41d909b85d418d190937b85d8d333d92d7958c0147ffcf90

  • SHA512

    48311c7bb0d3f558b6746ef3740e30f8b4ff25f963c1b587f98993d9ce0ce708f7a97c02a2d0773df282eb6243d9679771d101ac7502ba94ba765b7725274e60

  • SSDEEP

    98304:IyVMMAyOLcjqHKa8AQCMNaSB58v3pnEmmUnp0aHEZ:7AyFqqa8GFe8vNlZpjHEZ

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a proxy botnet written in C++; infected hosts are turned into SOCKS5 proxy nodes that relay traffic for the operators.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) was sent to a server other than the resolver(s) configured on the analysis machine, which indicates the sample performs its own name resolution instead of using the system resolver.

    • Checks installed software on the system

      Enumerates the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and the WOW6432Node counterpart on 64-bit systems) in the registry to build a list of installed software, a common host-profiling step before payload delivery.
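The two behavioural signatures above are straightforward to reproduce against your own telemetry. The following is an added example written for this page, not the sandbox's detection logic and not code from the sample: it runs a "DNS traffic to a non-configured resolver" check over constructed flow records and an "Uninstall key enumeration" check over constructed Sysmon-style registry-access events. The resolver addresses, the placeholder destination IPs (RFC 5737 test ranges), the process IDs and the subkey names are all assumptions made up for the example.

```python
"""Added example: two checks that mirror the sandbox signatures
"Unexpected DNS network traffic destination" and "Checks installed software".
All records below are constructed for illustration; none come from the report."""
from collections import defaultdict
from ipaddress import ip_address

# Assumption: the resolvers the analysis VM is configured to use.
CONFIGURED_DNS = {"10.0.0.2", "8.8.8.8"}

# Constructed flow records. 203.0.113.7 and 198.51.100.9 are RFC 5737
# documentation addresses used as placeholders, not indicators from the report.
FLOWS = [
    {"proto": "udp", "dst": "10.0.0.2",     "dport": 53,  "pid": 4321},
    {"proto": "udp", "dst": "8.8.8.8",      "dport": 53,  "pid": 4321},
    {"proto": "udp", "dst": "203.0.113.7",  "dport": 53,  "pid": 4321},
    {"proto": "tcp", "dst": "198.51.100.9", "dport": 53,  "pid": 4321},
    {"proto": "tcp", "dst": "198.51.100.9", "dport": 443, "pid": 4321},
]

UNINSTALL_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"
WOW64_UNINSTALL_KEY = r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"

# Constructed registry-access events (Sysmon-style: pid, image, key path).
# pid 4321 stands in for the dropped sample, pid 999 for a benign process.
REG_EVENTS = [
    {"pid": 4321, "image": r"C:\Users\user\AppData\Local\Temp\dropped.exe", "key": UNINSTALL_KEY},
    {"pid": 4321, "image": r"C:\Users\user\AppData\Local\Temp\dropped.exe", "key": UNINSTALL_KEY + r"\AppA"},
    {"pid": 4321, "image": r"C:\Users\user\AppData\Local\Temp\dropped.exe", "key": UNINSTALL_KEY + r"\AppB"},
    {"pid": 4321, "image": r"C:\Users\user\AppData\Local\Temp\dropped.exe", "key": UNINSTALL_KEY + r"\AppC"},
    {"pid": 4321, "image": r"C:\Users\user\AppData\Local\Temp\dropped.exe", "key": WOW64_UNINSTALL_KEY + r"\AppD"},
    {"pid": 999,  "image": r"C:\Windows\explorer.exe",                       "key": UNINSTALL_KEY + r"\AppA"},
]


def unexpected_dns_destinations(flows, configured):
    """Return the flows on port 53 whose destination is not a configured resolver.

    Both UDP and TCP are checked: resolvers fall back to TCP for large answers,
    and malware that ships its own resolver logic may use either."""
    allowed = {ip_address(a) for a in configured}
    return [f for f in flows
            if f["dport"] == 53 and ip_address(f["dst"]) not in allowed]


def uninstall_enumerators(events, threshold=3):
    """Return {pid: distinct_subkeys} for processes that read at least
    `threshold` distinct subkeys under either Uninstall path.

    Opening the parent key alone is not counted; a single subkey read is
    normal for installers and updaters, so a threshold separates a full
    inventory sweep from routine access."""
    per_pid = defaultdict(set)
    for e in events:
        key = e["key"].lower()
        for base in (UNINSTALL_KEY, WOW64_UNINSTALL_KEY):
            if key.startswith(base.lower() + "\\"):
                per_pid[e["pid"]].add(key)
    return {pid: len(keys) for pid, keys in per_pid.items() if len(keys) >= threshold}


if __name__ == "__main__":
    for f in unexpected_dns_destinations(FLOWS, CONFIGURED_DNS):
        print(f"unexpected DNS destination: pid={f['pid']} {f['proto']} {f['dst']}:{f['dport']}")
    for pid, n in uninstall_enumerators(REG_EVENTS).items():
        print(f"software inventory sweep: pid={pid} read {n} Uninstall subkeys")
```

Treat a port-53 hit as a lead rather than a verdict: some legitimate software also talks to a hard-coded public resolver, so correlate it with the originating process (here, the dropped executable) before alerting. The registry check is deliberately threshold-based for the same reason; tune `threshold` to the noise level of your own endpoints.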
