General
-
Target
fbf.exe
-
Size
249KB
-
Sample
210926-sdz9zsehfl
-
MD5
fbf3187db919beaddb30ae7e52bd9a49
-
SHA1
d2891928551f2adff238547c7cae4e3fef7cc057
-
SHA256
a83b8dfadf92be244ccc6b2964eea2f67e0c807befa3ab969a68ee321be583dd
-
SHA512
1d609711a21609d3bc3df80d3616ef388f32e0adcb9af865bfa3aeb9c61f81e099e5591cdecbe5412a4ea18ef236043c977faad4245ae45fd58eeb15119715ab
Malware Config
Targets
-
-
Target
fbf.exe
-
Size
249KB
-
MD5
fbf3187db919beaddb30ae7e52bd9a49
-
SHA1
d2891928551f2adff238547c7cae4e3fef7cc057
-
SHA256
a83b8dfadf92be244ccc6b2964eea2f67e0c807befa3ab969a68ee321be583dd
-
SHA512
1d609711a21609d3bc3df80d3616ef388f32e0adcb9af865bfa3aeb9c61f81e099e5591cdecbe5412a4ea18ef236043c977faad4245ae45fd58eeb15119715ab
Score10/10-
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
-
Chinese Botnet Payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-