General

  • Target

    18b12f655314b498c20855118e8d0386a72656e6550070f04bebc0409341b4e2

  • Size

    5.8MB

  • Sample

    241118-k1jxhstajb

  • MD5

    ac760eaf97ff184b95bb0130537d22f3

  • SHA1

    34ce346debea4de39b700524d58183ff34302190

  • SHA256

    18b12f655314b498c20855118e8d0386a72656e6550070f04bebc0409341b4e2

  • SHA512

    796abc18e07064715746beca2380a59310e6218a91340e9cf6ca98fe9da3bd771de63e98594d4fff1c7052e55c762698e097252a95d2fadcd6985e548b70fbb7

  • SSDEEP

    98304:NKjj93l3hNdqgzFVlhOnBhl9GeZHWI+Zbca7zkFMKJFsuzoq6t95a4kdmp:MjjVqgzFnhAlr2txuzMtIS

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
