General

  • Target

    3e7097b65eac8e7001e55b3f7efd16f90fed28a83f98a0f32bf57eccd3590768

  • Size

    5.9MB

  • Sample

    241107-jek21sybjg

  • MD5

    18bef1f4174c1efeb27fbe4cf171015a

  • SHA1

    7b35356ef910eecca28e429bc3d015baf4e5c915

  • SHA256

    3e7097b65eac8e7001e55b3f7efd16f90fed28a83f98a0f32bf57eccd3590768

  • SHA512

    8e4a391f2e7d667148814c72b0eb297d24ac760e055a76426b6fa0be455863f558b6e2067a3b8f0cf97aaf0d7bca40d20731aae9cdf1dba2e25ab5fcd3cdcd57

  • SSDEEP

    98304:4yPYU3Ac4FhSyvypYvChy5Puem7Q30RpSmqVAHOasF4hexxEakXWw/+AA:QerNpYvCgQeeQ3gsVAHfhuxEakmNX

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks