chinese_generic_botnet | 0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

0603c201fa...df.exe

windows7_x64

0603c201fa...df.exe

windows10-2004_x64

Sharing

General

Target

0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df
Size

613KB
Sample

220212-p95b2aedan
MD5

d47f881aab0e1d00a775f38df7cd8835
SHA1

16aa64f660ab69866f52c3348a086a88a7c2a078
SHA256

0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df
SHA512

57c8db79534763d4c6b7fa9d3e9208d87966ff861aed975d744d56eb46e4adf0f42096f95754621f76a80e8e242b51d22fff89c6d3e740aad30e863e544e3f5f

Score

10^/10

chinese_generic_botnet botnet persistence

Static task

static1

Behavioral task

behavioral1

Sample

0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df.exe

Resource

win7-en-20211208

chinese_generic_botnet botnet persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df.exe

Resource

win10v2004-en-20220112

chinese_generic_botnet botnet persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df
- Size
  
  613KB
- MD5
  
  d47f881aab0e1d00a775f38df7cd8835
- SHA1
  
  16aa64f660ab69866f52c3348a086a88a7c2a078
- SHA256
  
  0603c201faa179294a7104b3c7f0f86d823f766fdff70ec61073e480309dd0df
- SHA512
  
  57c8db79534763d4c6b7fa9d3e9208d87966ff861aed975d744d56eb46e4adf0f42096f95754621f76a80e8e242b51d22fff89c6d3e740aad30e863e544e3f5f
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet Payload
  botnet
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnetpersistence

behavioral2

chinese_generic_botnetbotnetpersistence

© 2018-2025

Terms | Privacy