General
Target: e4b486fc6c9c138067e0b4e58f71125bc40dc27962f6bd8b361410183ee586fb
Size: 435KB
Sample: 220326-s6a6kaahfp
MD5: fcf12b1a2765889b9d7457c56a70a4ab
SHA1: 985a5cbaf7673d54117b4a0c8a280a19ada3dd6c
SHA256: e4b486fc6c9c138067e0b4e58f71125bc40dc27962f6bd8b361410183ee586fb
SHA512: c040b3a5f68302b4c23a0407b520b2876c5988a99ed22253e8526169606c5318f5f3ac6b5d5fb4ec95e3e6ce506f821f2dc97d6e3975bf08c50e3541e6e27591
Static task: static1
Behavioral task: behavioral1
Sample: e4b486fc6c9c138067e0b4e58f71125bc40dc27962f6bd8b361410183ee586fb.exe
Resource: win7-20220310-en
Behavioral task: behavioral2
Sample: e4b486fc6c9c138067e0b4e58f71125bc40dc27962f6bd8b361410183ee586fb.exe
Resource: win10v2004-en-20220113
Malware Config
Targets
Target: e4b486fc6c9c138067e0b4e58f71125bc40dc27962f6bd8b361410183ee586fb
Score: 10/10
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
Chinese Botnet Payload
Executes dropped EXE
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.