socks5systemz | cdd2a6efad48672b2b9002f1b79c19e6db793440e9f5249d3f8b42c623dad404 | Triage

Submit
Reports

Overview

overview

Static

static

3

5179029eb2...d3.exe

windows7-x64

5179029eb2...d3.exe

windows10-2004-x64

Sharing

General

Target

ad01c8fa6ec2371dfd9f57200f84e13a.bin
Size

5.9MB
Sample

241117-bys8qsybnq
MD5

08c5337a91b313a5fb9c06073871b210
SHA1

839595fefd5222f236db0ed707013340e5d8baee
SHA256

cdd2a6efad48672b2b9002f1b79c19e6db793440e9f5249d3f8b42c623dad404
SHA512

37a2448642ea61d776fec238c77e354ac55f899b01baa64d82d6bbded7dcdc84bf9b962db71fd51ac0647cb34a6a6ee45e4175a82983bb76956da7c723dd2aac
SSDEEP

98304:pesE3CteuduwwK9mKLpi9mcfgTkiSY/WOs1b6mn/yUUcXN9i+7mgXpZtxMJJNC:g33ANnwQmKLpigW0/OlB/yUDd9iW5Ztr

Score

10^/10

socks5systemz botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5179029eb225a9937cc7507b084cc8418f4d84e3c99e13b5a2a0cc8fdba75bd3.exe

Resource

win7-20240903-en

socks5systemz botnet discovery

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

5179029eb225a9937cc7507b084cc8418f4d84e3c99e13b5a2a0cc8fdba75bd3.exe

Resource

win10v2004-20241007-en

socks5systemz botnet discovery

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  5179029eb225a9937cc7507b084cc8418f4d84e3c99e13b5a2a0cc8fdba75bd3.exe
- Size
  
  6.4MB
- MD5
  
  ad01c8fa6ec2371dfd9f57200f84e13a
- SHA1
  
  0fb1d82d89253d853dcb0e5d66f4b0d2b067b48d
- SHA256
  
  5179029eb225a9937cc7507b084cc8418f4d84e3c99e13b5a2a0cc8fdba75bd3
- SHA512
  
  e46fb5132086fa003b36b0d73e94998e132a402a85ce18d8f02e6911e1a41946b11b77e7f214cb34c959ead6add677cb3842294c45e480580d66646b56b6368a
- SSDEEP
  
  98304:PX4jivxv97/nhks8jVQ9MNa3EgedZ64ymjXA7QjBMh5YwE4zwJozYyazx11:vagxvJPhks8CKaDQemzBBM4wEXoYyaR
Score

10^/10

socks5systemz botnet discovery
- Detect Socks5Systemz Payload
- Socks5Systemz
  Socks5Systemz is a botnet written in C++.
  botnet socks5systemz
- Socks5systemz family
  socks5systemz
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socks5systemzbotnetdiscovery

behavioral2

socks5systemzbotnetdiscovery

© 2018-2025

Terms | Privacy