socks5systemz | ef2b651c73c3b03f06ae37161afb712b0cdccf77e63de01b39f2eda0fbccea52 | Triage

Submit
Reports

Overview

overview

Static

static

3

ef2b651c73...52.exe

windows7-x64

ef2b651c73...52.exe

windows10-2004-x64

Sharing

General

Target

ef2b651c73c3b03f06ae37161afb712b0cdccf77e63de01b39f2eda0fbccea52.exe
Size

3.6MB
Sample

241127-gfd9razpft
MD5

1dbed06b2dc7b1a8e3e4abc686865a8a
SHA1

ee1e04994c631aa9aec40e8d6a2b2913043a7469
SHA256

ef2b651c73c3b03f06ae37161afb712b0cdccf77e63de01b39f2eda0fbccea52
SHA512

8f1565560f45392c393ed07385b10b6b5a6affa448b42164511a34b0086fc965c4cbba3d3c7e7524866d574337c59944638064338865949645988ae1aeb81c95
SSDEEP

98304:NZcaYHKos9yR8vDrp+0U5TpH/JSSsVKNPxw:75YHw9yK/p+pTpH7nw

Score

10^/10

socks5systemz botnet discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ef2b651c73c3b03f06ae37161afb712b0cdccf77e63de01b39f2eda0fbccea52.exe

Resource

win7-20240903-en

socks5systemz botnet discovery

windows7-x64

12 signatures

120 seconds

Behavioral task

behavioral2

Sample

ef2b651c73c3b03f06ae37161afb712b0cdccf77e63de01b39f2eda0fbccea52.exe

Resource

win10v2004-20241007-en

socks5systemz botnet discovery

windows10-2004-x64

12 signatures

120 seconds

Malware Config

Targets

- Target
  
  ef2b651c73c3b03f06ae37161afb712b0cdccf77e63de01b39f2eda0fbccea52.exe
- Size
  
  3.6MB
- MD5
  
  1dbed06b2dc7b1a8e3e4abc686865a8a
- SHA1
  
  ee1e04994c631aa9aec40e8d6a2b2913043a7469
- SHA256
  
  ef2b651c73c3b03f06ae37161afb712b0cdccf77e63de01b39f2eda0fbccea52
- SHA512
  
  8f1565560f45392c393ed07385b10b6b5a6affa448b42164511a34b0086fc965c4cbba3d3c7e7524866d574337c59944638064338865949645988ae1aeb81c95
- SSDEEP
  
  98304:NZcaYHKos9yR8vDrp+0U5TpH/JSSsVKNPxw:75YHw9yK/p+pTpH7nw
Score

10^/10

socks5systemz botnet discovery
- Detect Socks5Systemz Payload
- Socks5Systemz
  Socks5Systemz is a botnet written in C++.
  botnet socks5systemz
- Socks5systemz family
  socks5systemz
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

Query Registry

Remote System Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

socks5systemzbotnetdiscovery

behavioral2

socks5systemzbotnetdiscovery

© 2018-2025

Terms | Privacy