Overview

overview

10

Static

static

Server.zp.exe

windows7-x64

10

Server.zp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Server.zp.exe

  • Size

    636KB

  • Sample

    220818-q6dkksacf3

  • MD5

    f8679f43fd59185c80ed2a33c578bfdc

  • SHA1

    85fe30dda2bffc4cee09112039a62aa213c45ea7

  • SHA256

    8e016ae7a6e986c9c57284c8677d455ca29d71c01e9e9bb2c9d99f6b8ef97a2a

  • SHA512

    89505707d11c7be877af2776a3ffc2674378036e15629dd425d53aab8f7e86a9dfcbc7ad2b10be778b87d1f20df5503b64825ec6834b64fb726e9a3b12a5cf0c

  • SSDEEP

    12288:qQ9ge7xEIov+RLhJXCdCg22r/HoFN6WtljaElIaY:qk7GI0+R95Cgg5/HoFN6WtljaEyaY

Score
10/10
chinese_generic_botnetbotnet

Malware Config

Targets

    • Target

      Server.zp.exe

    • Size

      636KB

    • MD5

      f8679f43fd59185c80ed2a33c578bfdc

    • SHA1

      85fe30dda2bffc4cee09112039a62aa213c45ea7

    • SHA256

      8e016ae7a6e986c9c57284c8677d455ca29d71c01e9e9bb2c9d99f6b8ef97a2a

    • SHA512

      89505707d11c7be877af2776a3ffc2674378036e15629dd425d53aab8f7e86a9dfcbc7ad2b10be778b87d1f20df5503b64825ec6834b64fb726e9a3b12a5cf0c

    • SSDEEP

      12288:qQ9ge7xEIov+RLhJXCdCg22r/HoFN6WtljaElIaY:qk7GI0+R95Cgg5/HoFN6WtljaEyaY

    Score
    10/10
    chinese_generic_botnetbotnet

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks