General

  • Target

    33d3cda0c4ce72be41fbf753384b19df31f2af57409636e251cd75fe166a07eb

  • Size

    6.1MB

  • Sample

    241105-apajlazhka

  • MD5

    df3206e9cbdbbaa04d5ed6b8bb8051a0

  • SHA1

    081119f445457a3d33e31b509785830edcf78bb8

  • SHA256

    33d3cda0c4ce72be41fbf753384b19df31f2af57409636e251cd75fe166a07eb

  • SHA512

    6ef8009d3e02eeb403dee11be8d8d5a1c3fb1bfe8fe3a0118b80e51c036a3dd6f15c405d62593168e22142f313a5c4f8be115568f360bc51ff17483b5c9fbdfe

  • SSDEEP

    196608:4J9E2Whrrudk5Yo6ymB7KcX0wMopsccW6d:c97UrWk5KyIPkYpsc2

Malware Config

Targets

    • Target

      33d3cda0c4ce72be41fbf753384b19df31f2af57409636e251cd75fe166a07eb

    • Size

      6.1MB

    • MD5

      df3206e9cbdbbaa04d5ed6b8bb8051a0

    • SHA1

      081119f445457a3d33e31b509785830edcf78bb8

    • SHA256

      33d3cda0c4ce72be41fbf753384b19df31f2af57409636e251cd75fe166a07eb

    • SHA512

      6ef8009d3e02eeb403dee11be8d8d5a1c3fb1bfe8fe3a0118b80e51c036a3dd6f15c405d62593168e22142f313a5c4f8be115568f360bc51ff17483b5c9fbdfe

    • SSDEEP

      196608:4J9E2Whrrudk5Yo6ymB7KcX0wMopsccW6d:c97UrWk5KyIPkYpsc2

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks