General

  • Target

    038c7d5697bfbe553717357809e621bf.exe

  • Size

    3.6MB

  • Sample

    241216-q5tv6ssjbv

  • MD5

    038c7d5697bfbe553717357809e621bf

  • SHA1

    1264a6bc374db430ce8007b99cc6b10ad0f14c9e

  • SHA256

    71f8685ec48d0623886c9cf10bc1bc806586904c939aa28d20f9a253d45b623f

  • SHA512

    5efd09421e9d4fbd295f1837416c4c6221dd658b95133ae6c9adfbdec803ae7f0d78404e43352db35f570ea3330850a7a93463452435e3980c59e7f99978e4c9

  • SSDEEP

    98304:Nq7HAHRAuq+jR377VPm3v9exaG/ak4Rac/8fEUbEOUJS:M7yAuq+jR37thxaG/waU+ZEOj

Targets

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
