General

  • Target

    96f7147ace792a36853781e11840f4c0f876e3599318531ff9ae9df1fbc53a87.exe

  • Size

    3.3MB

  • Sample

    241202-j4aycasmdq

  • MD5

    9e14c3aeeb1f2c78919a25f00a54a4a2

  • SHA1

    7b909a9cad8fdaed51201792b4ab6c702ac42fab

  • SHA256

    96f7147ace792a36853781e11840f4c0f876e3599318531ff9ae9df1fbc53a87

  • SHA512

    a30d3abeacda0b183a47ad25e05ae1dbec60a5e1ac55599daa7098b56467e13732e086103dc1512f0fc325b262cdb2598ba833cb0bd2759afe412e71942aee12

  • SSDEEP

    98304:NQRglPsdGTMjPpnX2BG5Rnhkmn7LOkyory1ukF:9UdGwLXkmByS6uc

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks