Overview

overview

10

Static

static

3

9bd38aac39...03.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9bd38aac39677166ad695345e85a0103.exe

  • Size

    3.1MB

  • Sample

    250402-h6b3rawlv3

  • MD5

    9bd38aac39677166ad695345e85a0103

  • SHA1

    3b06ee6b63f175d781a77178f574fc22a447ebc2

  • SHA256

    88bd127745be4d9bca9c0bb46414738bdea2b81a68dac93a08ff2aaa9ae3d012

  • SHA512

    34555541638bdf874c4ef206efe4f81eccb8224d2321f1690aef42e0dcc7341f5c9c65c5361dcbe3d88a49282181d4cb74ef29329401f1ab8bb52538b126ee09

  • SSDEEP

    98304:35YZn5uErdKA9JliWOGx3JlAsqrFy05wUwahTFdz:pYd5/8QsWrxHAjxy0Kihf

Score
10/10
socks5systemzbotnetdiscovery

Malware Config

Targets

    • Target

      9bd38aac39677166ad695345e85a0103.exe

    • Size

      3.1MB

    • MD5

      9bd38aac39677166ad695345e85a0103

    • SHA1

      3b06ee6b63f175d781a77178f574fc22a447ebc2

    • SHA256

      88bd127745be4d9bca9c0bb46414738bdea2b81a68dac93a08ff2aaa9ae3d012

    • SHA512

      34555541638bdf874c4ef206efe4f81eccb8224d2321f1690aef42e0dcc7341f5c9c65c5361dcbe3d88a49282181d4cb74ef29329401f1ab8bb52538b126ee09

    • SSDEEP

      98304:35YZn5uErdKA9JliWOGx3JlAsqrFy05wUwahTFdz:pYd5/8QsWrxHAjxy0Kihf

    Score
    10/10
    socks5systemzbotnetdiscovery

    • Detect Socks5Systemz Payload

    • Socks5Systemz

      Socks5Systemz is a botnet written in C++.

      botnetsocks5systemz

    • Socks5systemz family

      socks5systemz

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks