General

  • Target

    1cbf665d01b94487550006793eb4df3fa7e8941039ccdb3f55ee0492e0ce62fa

  • Size

    6.0MB

  • Sample

    241104-2a5jzaydlc

  • MD5

    e8aeeb2f53ca156cf8bff4a1f193fd09

  • SHA1

    0aebeb9c30bf9417673ba7d1864f8ea89f6120e3

  • SHA256

    1cbf665d01b94487550006793eb4df3fa7e8941039ccdb3f55ee0492e0ce62fa

  • SHA512

    4907c34224f6fca385bc2afafbe44f18642b57d2354d19139d1dd309dee66b8d15a814f44e69a0dae9087df3d0bcf7e948672f5260e2ab4ee8fe8ac470cb85e9

  • SSDEEP

    196608:DhNyXXJpZgtNhUjVW65HWU5CuXq/8n597/GUi6d:ls2tNhyrVq/8n59TD

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
