socks5systemz | 2083b097df7a27de0d5da20ad88255bad8c60cbb137d3b90e3d387764a233f67 | Triage

Submit
Reports

Overview

overview

Static

static

3

2083b097df...67.exe

windows7-x64

2083b097df...67.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

2083b097df7a27de0d5da20ad88255bad8c60cbb137d3b90e3d387764a233f67
Size

5.4MB
Sample

241101-zbfacsvepb
MD5

e8d10e715a8e081b44b3f72f64102228
SHA1

b02371316eaf74b96fb05321e13ba58d811dbc56
SHA256

2083b097df7a27de0d5da20ad88255bad8c60cbb137d3b90e3d387764a233f67
SHA512

f6fac9e0b05ec888b1eb5a0fe505e7dbd62bc9652812556a9b2e1682704abe8859e90b80431ae8b5ad788334ed7d042114ad71a0d3f9cb16a01be001e1bf2af1
SSDEEP

98304:Cx/kIxTn9eChEk6OZqnmNEj4gc8cTgaVw1c8g30cggZishFjLLO6QxW:O3xTnPhBsh4gc8GIc8VcggIoFTO6QU

Score

10^/10

socks5systemz botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2083b097df7a27de0d5da20ad88255bad8c60cbb137d3b90e3d387764a233f67.exe

Resource

win7-20241010-en

socks5systemz botnet discovery

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

2083b097df7a27de0d5da20ad88255bad8c60cbb137d3b90e3d387764a233f67.exe

Resource

win10v2004-20241007-en

socks5systemz botnet discovery

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  2083b097df7a27de0d5da20ad88255bad8c60cbb137d3b90e3d387764a233f67
- Size
  
  5.4MB
- MD5
  
  e8d10e715a8e081b44b3f72f64102228
- SHA1
  
  b02371316eaf74b96fb05321e13ba58d811dbc56
- SHA256
  
  2083b097df7a27de0d5da20ad88255bad8c60cbb137d3b90e3d387764a233f67
- SHA512
  
  f6fac9e0b05ec888b1eb5a0fe505e7dbd62bc9652812556a9b2e1682704abe8859e90b80431ae8b5ad788334ed7d042114ad71a0d3f9cb16a01be001e1bf2af1
- SSDEEP
  
  98304:Cx/kIxTn9eChEk6OZqnmNEj4gc8cTgaVw1c8g30cggZishFjLLO6QxW:O3xTnPhBsh4gc8GIc8VcggIoFTO6QU
Score

10^/10

socks5systemz botnet discovery
- Detect Socks5Systemz Payload
- Socks5Systemz
  Socks5Systemz is a botnet written in C++.
  botnet socks5systemz
- Socks5systemz family
  socks5systemz
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socks5systemzbotnetdiscovery

behavioral2

socks5systemzbotnetdiscovery

© 2018-2025

Terms | Privacy