chinese_generic_botnet | 2eecb7f3ac6d026ebaed050b0fa0657a6a31a3147ac2f70e61022d729fbbbad3 | Triage

Submit
Reports

Overview

overview

Static

static

诈骗团�...at.exe

windows7_x64

诈骗团�...at.exe

windows10_x64

Sharing

General

Target

诈骗团伙在暗网倒卖5000余万条个人信息曝光.bat
Size

1.8MB
Sample

210922-zwnggadhd6
MD5

dd5ad0f08229b6b8a5624bd03ba907c7
SHA1

b406b4ea867d258f7ec0b31d89cbfe4abd16352f
SHA256

2eecb7f3ac6d026ebaed050b0fa0657a6a31a3147ac2f70e61022d729fbbbad3
SHA512

51f578395ad0caeb3906c63c1418cefdbff5c5efce56a7e0e20627db478cb9c2c7cf31da277e53f6ea250a38fea9b2ef29a6b1091e55b91f44cd9dce349e2418

Score

10^/10

chinese_generic_botnet botnet persistence

Static task

static1

Behavioral task

behavioral1

Sample

诈骗团伙在暗网倒卖5000余万条个人信息曝光.bat.exe

Resource

win7v20210408

chinese_generic_botnet botnet

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

诈骗团伙在暗网倒卖5000余万条个人信息曝光.bat.exe

Resource

win10-en-20210920

chinese_generic_botnet botnet persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  诈骗团伙在暗网倒卖5000余万条个人信息曝光.bat
- Size
  
  1.8MB
- MD5
  
  dd5ad0f08229b6b8a5624bd03ba907c7
- SHA1
  
  b406b4ea867d258f7ec0b31d89cbfe4abd16352f
- SHA256
  
  2eecb7f3ac6d026ebaed050b0fa0657a6a31a3147ac2f70e61022d729fbbbad3
- SHA512
  
  51f578395ad0caeb3906c63c1418cefdbff5c5efce56a7e0e20627db478cb9c2c7cf31da277e53f6ea250a38fea9b2ef29a6b1091e55b91f44cd9dce349e2418
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet Payload
  botnet
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnet

behavioral2

chinese_generic_botnetbotnetpersistence

© 2018-2025

Terms | Privacy