Overview

overview

10

Static

static

mixazed_20...11.exe

windows7_x64

10

mixazed_20...11.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mixazed_20210816-155711

  • Size

    283KB

  • Sample

    210817-qxq4a635bj

  • MD5

    f85b93364a678d47d4b54675dda1abc3

  • SHA1

    e03b6b4d0690d66e323868e1243b32e2af947b0a

  • SHA256

    42525e109fc534ac972d74fcb8c628528ddecc7c124ff1c0a5059139444f4165

  • SHA512

    97e78d70291383bfbfbef98617294dc1eb61a757ece1eb88aea5036d913c0731fc2247c061d0261fd4cfa97e344b94bce0b55c7878ea6d85222206fae31c96bf

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      mixazed_20210816-155711

    • Size

      283KB

    • MD5

      f85b93364a678d47d4b54675dda1abc3

    • SHA1

      e03b6b4d0690d66e323868e1243b32e2af947b0a

    • SHA256

      42525e109fc534ac972d74fcb8c628528ddecc7c124ff1c0a5059139444f4165

    • SHA512

      97e78d70291383bfbfbef98617294dc1eb61a757ece1eb88aea5036d913c0731fc2247c061d0261fd4cfa97e344b94bce0b55c7878ea6d85222206fae31c96bf

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet Payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks