General

  • Target

    dcf45a3386d6e8a1efa6b2040125c3ca.bin

  • Size

    5.2MB

  • Sample

    241103-b7djms1kfw

  • MD5

    43bb320abc2877b543e5fb4ffa14adc3

  • SHA1

    57e3a6f15dde7f590bc244eb6ffd74ea2f22a4a6

  • SHA256

    aacf72ac8b332ce42ba57debe8029e11f908e34c334e4484d815866d9cd93598

  • SHA512

    616adac2521b4f6a37fd1cfcdc50af8889cbc17c580150f8702615dea088d72ee48ae86355a5ab82782dd397801be07077d7cda916312abf35790c0e07580a15

  • SSDEEP

    98304:F8YT2wU/6SZMn+mDiDkn9tebL5pds6QrxwjeXv1iq0xjgugMf4tBMOOuLBFf:TSwU/dsGDk9tebL5ns/meXchgtBhTd1

Malware Config

Targets

    • Target

      e709b26315714057ce041823f8a63f38064790a4a2af8fa00a9b63ea19d82329.exe

    • Size

      5.3MB

    • MD5

      dcf45a3386d6e8a1efa6b2040125c3ca

    • SHA1

      6a7e356507bd3777b6cd9677627e31ce6be7d9cf

    • SHA256

      e709b26315714057ce041823f8a63f38064790a4a2af8fa00a9b63ea19d82329

    • SHA512

      c32ecdc9ec8aaab6c1fd12eff22e83b74f9300e66d9cdfce1f1cf182a944e54a9f4e1a3ee6508aadc7927691760faa89591da6ba8b4298e5eb5cd513bdad6ae8

    • SSDEEP

      98304:MW5j/7pHsZpdItCe3f2Ic0srZCngwwoyR3BDr2ZWpz8UuAxKPtsqJ:/5j/lMZpdyCk1sVwkTR3MMz8UuAsFsU

    • Detect Socks5Systemz Payload

    • Socks5Systemz

Socks5Systemz is a proxy botnet written in C++; infected hosts are turned into SOCKS5 proxy nodes that the operators rent out.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

Network traffic on the DNS port (53) to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate software installed on the system.
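The two behavioural signatures above ("Unexpected DNS network traffic destination" and "Checks installed software on the system") are easy to reproduce over raw sandbox telemetry. The Python below is an added illustration, not the sandbox's own rule logic: it applies both checks to constructed sample events. The resolver addresses in CONFIGURED_DNS, the pid|op|key event format and the key paths in SAMPLE_REGISTRY_EVENTS are assumptions made for the example.

```python
"""Two sandbox-style signature checks over constructed telemetry (added example)."""
import ipaddress
import re
from dataclasses import dataclass

# Constructed: resolvers the sandbox VM was configured with (assumption).
CONFIGURED_DNS = {"10.127.0.1", "8.8.8.8"}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    proto: str  # "udp" or "tcp"


# Constructed flows; 203.0.113.0/24 and 192.0.2.0/24 are documentation ranges.
SAMPLE_FLOWS = [
    Flow("10.127.0.44", "10.127.0.1", 53, "udp"),   # lookup via configured resolver
    Flow("10.127.0.44", "8.8.8.8", 53, "udp"),      # also a configured resolver
    Flow("10.127.0.44", "203.0.113.7", 53, "udp"),  # DNS port, unknown server
    Flow("10.127.0.44", "203.0.113.7", 443, "tcp"), # not the DNS port: out of scope
    Flow("10.127.0.44", "192.0.2.10", 53, "tcp"),   # DNS over TCP to unknown server
]


def unexpected_dns_destinations(flows, configured_dns=CONFIGURED_DNS):
    """Return flows on port 53 whose destination is not a configured resolver.

    This mirrors the signature's wording: it keys on the port, not on the
    payload, so both a hard-coded third-party resolver and C2 tunnelled over
    port 53 trip it, while DNS-over-HTTPS on 443 does not.
    """
    configured = {ipaddress.ip_address(a) for a in configured_dns}
    return [f for f in flows
            if f.dport == 53 and ipaddress.ip_address(f.dst) not in configured]


# Uninstall keys under HKLM/HKCU/HKU, native and WOW6432Node views (case-insensitive).
UNINSTALL_KEY_RE = re.compile(
    r"^(HKEY_LOCAL_MACHINE|HKLM|HKEY_CURRENT_USER|HKCU|HKEY_USERS\\[^\\]+)\\"
    r"SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.IGNORECASE,
)

# Constructed registry events in an assumed "pid|operation|key" line format.
SAMPLE_REGISTRY_EVENTS = [
    "4120|QueryValue|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
    "4120|EnumerateKey|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall",
    "4120|QueryValue|HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion"
    "\\Uninstall\\{GUID}\\DisplayName",
    "4120|QueryValue|HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall"
    "\\SomeApp\\DisplayVersion",
    "4120|QueryValue|HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters",
]


def uninstall_key_lookups(events):
    """Return (pid, operation, key) for every event that touches an Uninstall key."""
    hits = []
    for line in events:
        pid, op, key = line.split("|", 2)
        if UNINSTALL_KEY_RE.search(key):
            hits.append((int(pid), op, key))
    return hits


def main():
    for f in unexpected_dns_destinations(SAMPLE_FLOWS):
        print(f"unexpected DNS destination: {f.src} -> {f.dst}:{f.dport}/{f.proto}")
    for pid, op, key in uninstall_key_lookups(SAMPLE_REGISTRY_EVENTS):
        print(f"installed-software enumeration: pid {pid} {op} {key}")


if __name__ == "__main__":
    main()
```

Both checks are deliberately coarse, as the sandbox's signatures are: the DNS rule fires on a legitimate program that ships its own resolver list, and the registry rule fires on any installer or updater that reads DisplayName values. They are triage hints to be read alongside the Socks5Systemz payload detection above, not verdicts on their own.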

MITRE ATT&CK Enterprise v15

Tasks