General

  • Target

    01ce65e3634910cf04481dc24ea2ce14.exe

  • Size

    3.6MB

  • Sample

    250326-h2s6gasmy6

  • MD5

    01ce65e3634910cf04481dc24ea2ce14

  • SHA1

    c86927e6c45e4c6d260713e41e6c8a4c914e321b

  • SHA256

    3e19a6f499ec5284e0e96e22caf84dec1560ede59e8947dc95a55038982c25af

  • SHA512

    ccddff21fa0c35aaf8918597a3556d5adccdb06493a1ff26980b37f2cda55e01d7d30e931a20a5fb959fbadbdd320955e99b54aa34929ae7748c95a7bbd96d79

  • SSDEEP

    98304:3geaVaKEAN7yvxYLfcTGXWq6kI0sH8LKDrvWCv9p9kw7yau:wOAxixYbCGmqzha8LtCv9Cau

Targets

    • Target

      01ce65e3634910cf04481dc24ea2ce14.exe

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

    • Socks5systemz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
