Overview

overview

10

Static

static

迪拜女�...md.exe

windows7_x64

10

迪拜女�...md.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    迪拜女推广分享自己的引流话术全套.rar

  • Size

    450KB

  • Sample

    210922-zxtd4sdhd9

  • MD5

    977c4b749f52d854c8b79371d63b0948

  • SHA1

    bd14fa4236770bdd14c06e21bec7cb9a6cce65ee

  • SHA256

    e1c661c2e12cc308e586bdf12691d4cf43135c03cbcfb1fc60c0cdb181d278f5

  • SHA512

    18f771daea29b3942e72999722a3f3a4350bc4d8890604bd2a518af11af74389856a28ada35aeea3df45940dc7867123d181daa9eccf9511b9b9eb3cac68a637

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      迪拜女推广分享自己的引流话术全套.cmd

    • Size

      1.4MB

    • MD5

      5c2c312c218ccfa377a60d137f1b23a6

    • SHA1

      2fedf0e6524abb785897667b8be852df810d15d4

    • SHA256

      7e2a64b1518d22cdb493edbbbde9d69d3e81c2c4da3fc8bd3defd931b989ba8c

    • SHA512

      fb34d4647b0dee5fe856c046f547caf2fac957955ef9318186fdc759555178fb80c0eaf2c16fbefcc7d2bda73a30d2a07a05ef6caed1b58b627d805990430129

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet Payload

      botnet

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks