General

  • Target

    054240a3dec2a9be5e738ea343e91a1a2545ea09cd667cd47b759d3cca2db37e

  • Size

    4.2MB

  • Sample

    241031-qs1g7azcjk

  • MD5

    aaa7c7773463e618bf5bfb7868b2c496

  • SHA1

    f0d0763e8f46f300394a0ad5ab6d8f3159c59239

  • SHA256

    054240a3dec2a9be5e738ea343e91a1a2545ea09cd667cd47b759d3cca2db37e

  • SHA512

    0222769c71c5c79862545c89c5e038429c0b3dec0e85cf57e9d0c9afb34a27290e7f554a336f9d8d3804b8f9e87aae25900320bf87d16008d7cc8ff1198c89c9

  • SSDEEP

    98304:m8aI+riRQx4k6BkN9YRMKCQV6Cyg/wzt0ESSHX2MGDy+q:taJIn+fYbCQV6Tgwt050

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks