General

  • Target

    5c562fd528e47411fc3ef086c9593955a3bb85694eef2159f59af535e8ea11b6

  • Size

    5.4MB

  • Sample

    241103-v83dyayqey

  • MD5

    b4372f4a7815366573f5e375c18f49cb

  • SHA1

    bedda6600c3534e3c1ef8239bef8ca4a83998b1d

  • SHA256

    5c562fd528e47411fc3ef086c9593955a3bb85694eef2159f59af535e8ea11b6

  • SHA512

    467e2ba255d6e8ab2b6e14fb83df8fa8330ef738573dabd1cbc0294dd0534cc6c6063333f6b37f05762758306f331e5976f90a5ef311911c3371183dd808ecba

  • SSDEEP

    98304:Q6sPRM8WCDjO5luBJQ6j3tSio5jeLZY+jtBPtD8vKQG/khAzhffCz1GSk:yRM2Dj9BJRjEjeLYC/khAz9lx

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks