General

  • Target

    file.exe

  • Size

    5.9MB

  • Sample

    241115-n6a4catemc

  • MD5

    cbb34d95217826f4ad877e7e7a46b69c

  • SHA1

    d903374f9236b135cf42c4a573b5cd33df9074bd

  • SHA256

    707b321c42fbaa91cf41a9b41c85f3b56c7326cb32f40fc495f17df83b21cbed

  • SHA512

    eec4382387a1c2223da3350a28ec250cfa6dd2edb7eda6c516ee32fc784638f23005e992af337e9d87878fe2049b0a41df7f1c65c9d717d6a8771d7833be3f60

  • SSDEEP

    98304:PX4wRX+gNnYLzYhrMfgiBB3owncvnuOK+VWUhFh6J3GB4VVPYhpYEFyazx1G0:vnRX+gNnYvgHycaYwTVVPQyaB

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port was detected to servers other than the configured DNS servers.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15