Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    3.1MB

  • Sample

    250325-ybztbs1wgx

  • MD5

    eae068a3c8755b6534349ba95356b7ab

  • SHA1

    5eb2f06f00013730bed4f7a44817d58d5ebae373

  • SHA256

    9ff154fc1fcaf2c1848caefd2d65686a424e9c083a62f844226e6dce0a896551

  • SHA512

    3f13e3d644179cbdfa31c09e86b0d316f58c18788bba9fe838035c26283aa86026997d5e6b755cae66fdcbbcd0b2e7a748dd469b84083c7aaa118b65e168561d

  • SSDEEP

    49152:p9XE4lpGPSRcqsWlQpZ+Drkf7SSnGwwUydhcgZGtJjzqwWKlSOxkKFe5OT4wQ8u:3Xhl8PQCWlQzP7uwyPmJignxkqeOTiB

Score
10/10
socks5systemzbotnetdiscovery

Malware Config

Targets

    • Target

      file.exe

    • Size

      3.1MB

    • MD5

      eae068a3c8755b6534349ba95356b7ab

    • SHA1

      5eb2f06f00013730bed4f7a44817d58d5ebae373

    • SHA256

      9ff154fc1fcaf2c1848caefd2d65686a424e9c083a62f844226e6dce0a896551

    • SHA512

      3f13e3d644179cbdfa31c09e86b0d316f58c18788bba9fe838035c26283aa86026997d5e6b755cae66fdcbbcd0b2e7a748dd469b84083c7aaa118b65e168561d

    • SSDEEP

      49152:p9XE4lpGPSRcqsWlQpZ+Drkf7SSnGwwUydhcgZGtJjzqwWKlSOxkKFe5OT4wQ8u:3Xhl8PQCWlQzP7uwyPmJignxkqeOTiB

    Score
    10/10
    socks5systemzbotnetdiscovery

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

      botnetsocks5systemz

    • Socks5systemz family

      socks5systemz

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks