chinese_generic_botnet | d7420275fec10fe9b857d9a7688e50e86534f0aab151c5e766fc74833f34e478 | Triage

Submit
Reports

Overview

overview

Static

static

Sr.exe

windows7-x64

Sr.exe

windows10-2004-x64

Sharing

General

Target

Sr.exe
Size

1.0MB
Sample

221015-b7nplsfafn
MD5

6f4fc9a2f722fb24d5944c3720c8e086
SHA1

47b9064ae4db4974776bf8bd1bba8840b77124d2
SHA256

d7420275fec10fe9b857d9a7688e50e86534f0aab151c5e766fc74833f34e478
SHA512

6e3c4ebc7738115862e935b7cb18271969df1b2d54b49415d2500294b6391fb8f0dad0fe18bbeb69b865ecb40478ecad9c46e7b65c443e6445047164cf82f9e2
SSDEEP

6144:3yq9ptgIsxITrY0jTxx7B+G9gZ6Ae2y8Uk:vxgIsxITrLjlx7B+BZR2

Score

10^/10

chinese_generic_botnet botnet persistence

Static task

static1

Behavioral task

behavioral1

Sample

Sr.exe

Resource

win7-20220812-en

chinese_generic_botnet botnet

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

Sr.exe

Resource

win10v2004-20220812-en

chinese_generic_botnet botnet persistence

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Sr.exe
- Size
  
  1.0MB
- MD5
  
  6f4fc9a2f722fb24d5944c3720c8e086
- SHA1
  
  47b9064ae4db4974776bf8bd1bba8840b77124d2
- SHA256
  
  d7420275fec10fe9b857d9a7688e50e86534f0aab151c5e766fc74833f34e478
- SHA512
  
  6e3c4ebc7738115862e935b7cb18271969df1b2d54b49415d2500294b6391fb8f0dad0fe18bbeb69b865ecb40478ecad9c46e7b65c443e6445047164cf82f9e2
- SSDEEP
  
  6144:3yq9ptgIsxITrY0jTxx7B+G9gZ6Ae2y8Uk:vxgIsxITrLjlx7B+BZR2
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnet

behavioral2

chinese_generic_botnetbotnetpersistence

© 2018-2024

Terms | Privacy