General

  • Target

    6befc4788cb4c7973ea49449643c0ad954fc532c89414fdbc6a31c7e9985d293

  • Size

    3.4MB

  • Sample

    241128-xhv82swpat

  • MD5

    4589917f63adae8613e51af19b2f5336

  • SHA1

    67e36b556db3ebb6bae928faa337e16f166a4158

  • SHA256

    6befc4788cb4c7973ea49449643c0ad954fc532c89414fdbc6a31c7e9985d293

  • SHA512

    bd7186e36c4881d30339c6bb552d14939cc8ed305b35822d383ec06c11c6d0443ed773512e1a13cd82df6b5413689a8ef50c73c14e9368b2e1fb09bd75c56a99

  • SSDEEP

    98304:NEUlaUYw4OdbfbMiDMf/6Q9Sau4m79/RXUan9SaL2KE:iU0g4e7LM36Qc4sX7Mw2D

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks