General

  • Target

    53b78223744527209a317d0c35e57f8dc1e98458b401f8c5f9f1ebac049cdcab

  • Size

    5.4MB

  • Sample

    241104-wtd88sxlfp

  • MD5

    04f5c51e738f3524890736dffa0fdc1c

  • SHA1

    b14a10c80f580afe0aef1e696bc3c7c180a1a120

  • SHA256

    53b78223744527209a317d0c35e57f8dc1e98458b401f8c5f9f1ebac049cdcab

  • SHA512

    c373ce84cdddd6187cebe12eea20ff3e234e3fbdb96a74311af49a1b14bf65dc206b43e7c15b48fc48ffd47a28ae633c1f7d0168355b84bfef11538dc36d0b9f

  • SSDEEP

    98304:NYLiim5RLEQHQjW0kpk/09JRqwS1xLPE7XVMMtn3TAV4O5B9dQ7:OL4RYyQjWqQ4wS1xIFTjAmO5vS7

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks