Overview

overview

10

Static

static

震撼!�...at.exe

windows7_x64

10

震撼!�...at.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    震撼!中国留学生杀死并强奸28岁女室友,现场血腥无比.bat

  • Size

    2.2MB

  • Sample

    210922-a6ymraagh8

  • MD5

    268551f31049d52efafa550bcc06e2a5

  • SHA1

    6e627da851706fa5f9dcd0afcb96a0061c61d8e7

  • SHA256

    ed8c9ecf310800fb300299d62fe6610b59f6f761e0450b0e39bd21c3077683a7

  • SHA512

    bc65d8b65eb593d8fc91fd8bb753a1e4962220973feb57874984534c1acf598918876557218b95a5033958a3a53c0582a21cea1966efe94cc05ad218d0a9afc1

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      震撼!中国留学生杀死并强奸28岁女室友,现场血腥无比.bat

    • Size

      2.2MB

    • MD5

      268551f31049d52efafa550bcc06e2a5

    • SHA1

      6e627da851706fa5f9dcd0afcb96a0061c61d8e7

    • SHA256

      ed8c9ecf310800fb300299d62fe6610b59f6f761e0450b0e39bd21c3077683a7

    • SHA512

      bc65d8b65eb593d8fc91fd8bb753a1e4962220973feb57874984534c1acf598918876557218b95a5033958a3a53c0582a21cea1966efe94cc05ad218d0a9afc1

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet Payload

      botnet

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks