Overview

overview

10

Static

static

tmp.exe

windows7-x64

10

tmp.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    636KB

  • Sample

    220913-xzrl7accbm

  • MD5

    4eadf484bffce3949bb415eb91f39b50

  • SHA1

    9145789c61a7d8add1eb88576518845071eed30a

  • SHA256

    840c38223bd6dd36e5bbe2973347c807229216e0d701a832f9b33d055e29deb6

  • SHA512

    a45c2694f085804d9538807844eb5702c91af3902aae01be12b56c8f193028e5fa5aacadf7c715957c7e7b3fe066079f2b9a56962cc46410026cdc2917e1ca90

  • SSDEEP

    12288:7wwc5geugC5PmgEAuptqcXNi2f/HoFN6WtljaElIaY:c5u35zIpccXNp/HoFN6WtljaEyaY

Score
10/10
chinese_generic_botnetbotnet

Malware Config

Targets

    • Target

      tmp

    • Size

      636KB

    • MD5

      4eadf484bffce3949bb415eb91f39b50

    • SHA1

      9145789c61a7d8add1eb88576518845071eed30a

    • SHA256

      840c38223bd6dd36e5bbe2973347c807229216e0d701a832f9b33d055e29deb6

    • SHA512

      a45c2694f085804d9538807844eb5702c91af3902aae01be12b56c8f193028e5fa5aacadf7c715957c7e7b3fe066079f2b9a56962cc46410026cdc2917e1ca90

    • SSDEEP

      12288:7wwc5geugC5PmgEAuptqcXNi2f/HoFN6WtljaElIaY:c5u35zIpccXNp/HoFN6WtljaEyaY

    Score
    10/10
    chinese_generic_botnetbotnet

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks