General

  • Target

    47a3a02bf52254b5776960a68c2f17aa773cb66072843638b19cb582e6ef8409

  • Size

    5.7MB

  • Sample

    241113-hx6k1axfjk

  • MD5

    a77b03795fd546e1ce17a89770416e0a

  • SHA1

    6473da89e95a6750dfec775ec1805ec025b62ab5

  • SHA256

    47a3a02bf52254b5776960a68c2f17aa773cb66072843638b19cb582e6ef8409

  • SHA512

    b9ed6b713e84f78340ea76af9da0a987caa3cd67e58c071ff9f0c79d84e96996a37a3f6437a70eadedf6674e3e9f3d99a21eda71f5607f9dd833c3d937b480aa

  • SSDEEP

    98304:PX41O2pXtg27SK59Ej2oVmV1J7bXc012r+z0nP7qT6D07uyazx11:viXu2159Ej2oUVf4r+AnP2TeyaR

Malware Config

Targets

    • Target

      47a3a02bf52254b5776960a68c2f17aa773cb66072843638b19cb582e6ef8409

    • Size

      5.7MB

    • MD5

      a77b03795fd546e1ce17a89770416e0a

    • SHA1

      6473da89e95a6750dfec775ec1805ec025b62ab5

    • SHA256

      47a3a02bf52254b5776960a68c2f17aa773cb66072843638b19cb582e6ef8409

    • SHA512

      b9ed6b713e84f78340ea76af9da0a987caa3cd67e58c071ff9f0c79d84e96996a37a3f6437a70eadedf6674e3e9f3d99a21eda71f5607f9dd833c3d937b480aa

    • SSDEEP

      98304:PX41O2pXtg27SK59Ej2oVmV1J7bXc012r+z0nP7qT6D07uyazx11:viXu2159Ej2oUVf4r+AnP2TeyaR

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks