General

  • Target

    b646afe5f1e1e960c04e195e887439565cf1a8063bc3f1510149170d753152a2N.exe

  • Size

    7.8MB

  • Sample

    241211-en9drawkct

  • MD5

    30dc373a3c65f8787246ff839106ba00

  • SHA1

    355ab56d8bd4e66a1667f6d886b0e296a0f862e7

  • SHA256

    b646afe5f1e1e960c04e195e887439565cf1a8063bc3f1510149170d753152a2

  • SHA512

    4b0d05fcd81ddeb563eb1ab10afc1f42ff3d87f7d794e28ac9aed95eb3b23efb6a73d6e25fb52af3a5027f50da756d02932d0b35b1ea807d271dd77639773c2a

  • SSDEEP

    196608:tmCyyr0Em5/6rNUpNvBLrKVgF6mM0tFT31KdifTcd:tYyr0EyZpNvJAtU1Fro

Malware Config

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks