Overview

overview

10

Static

static

fbf.exe

windows7_x64

10

fbf.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fbf.exe

  • Size

    249KB

  • Sample

    210926-sdz9zsehfl

  • MD5

    fbf3187db919beaddb30ae7e52bd9a49

  • SHA1

    d2891928551f2adff238547c7cae4e3fef7cc057

  • SHA256

    a83b8dfadf92be244ccc6b2964eea2f67e0c807befa3ab969a68ee321be583dd

  • SHA512

    1d609711a21609d3bc3df80d3616ef388f32e0adcb9af865bfa3aeb9c61f81e099e5591cdecbe5412a4ea18ef236043c977faad4245ae45fd58eeb15119715ab

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      fbf.exe

    • Size

      249KB

    • MD5

      fbf3187db919beaddb30ae7e52bd9a49

    • SHA1

      d2891928551f2adff238547c7cae4e3fef7cc057

    • SHA256

      a83b8dfadf92be244ccc6b2964eea2f67e0c807befa3ab969a68ee321be583dd

    • SHA512

      1d609711a21609d3bc3df80d3616ef388f32e0adcb9af865bfa3aeb9c61f81e099e5591cdecbe5412a4ea18ef236043c977faad4245ae45fd58eeb15119715ab

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet Payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks