General

  • Target

    7e34c86e83d26ef30329a5a5ddcf33cb0a2b21dd70486fef9cabda3460f68fbb

  • Size

    4.3MB

  • Sample

    241125-286vpaykdr

  • MD5

    479e9b6a0793e1e994e50636f2c971ab

  • SHA1

    8808cfe7b1904dae574a7d0bb8c7b88bd69e3cb6

  • SHA256

    7e34c86e83d26ef30329a5a5ddcf33cb0a2b21dd70486fef9cabda3460f68fbb

  • SHA512

    e5b3e0c0dd497a6c40a0fc07cf98f5a63b26b15ec129b57a939585a0ff8408b309f95cb279d42b7c7ced5fa07b4aa1b4d623aa0a79b64220f58e51d34eb8dc3f

  • SSDEEP

    98304:NdOdxOnqFswBkRtPLLo60S7TodhEB/1uI66uJ87nvFhVuhjF:zY0j8EPnYPEqX6Pn7oz

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks