chinese_generic_botnet | d1aaa7e7d31bf648c57f0c721d6f6ee2b17395b4e09d9d89a4f6dbd5dd706a8e | Triage

Submit
Reports

Overview

overview

Static

static

20beeb0a82...be.exe

windows7-x64

20beeb0a82...be.exe

windows10-2004-x64

Sharing

General

Target

20beeb0a82adcce3a58372804acc46be.exe
Size

400KB
Sample

221030-wtevrsebhk
MD5

20beeb0a82adcce3a58372804acc46be
SHA1

c579d9017d2c8298fe075ff5c05963901330e72a
SHA256

d1aaa7e7d31bf648c57f0c721d6f6ee2b17395b4e09d9d89a4f6dbd5dd706a8e
SHA512

7636912ba6323063cefb7fac5a6cff9e44a474e452a4d5d4f77ef88968266de184c68112e3667585e02e811781f51ee020e61ce820e3f9a38dcfdf30e6d522bd
SSDEEP

3072:sAAdrtFV2GenT0cTtm2LAQSXVqjzpYfJhpw7EHbH0hLNZ:ux2GenQ67wk3pyJhpwkUTZ

Score

10^/10

chinese_generic_botnet botnet persistence

Static task

static1

Behavioral task

behavioral1

Sample

20beeb0a82adcce3a58372804acc46be.exe

Resource

win7-20220901-en

chinese_generic_botnet botnet

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

20beeb0a82adcce3a58372804acc46be.exe

Resource

win10v2004-20220901-en

chinese_generic_botnet botnet persistence

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  20beeb0a82adcce3a58372804acc46be.exe
- Size
  
  400KB
- MD5
  
  20beeb0a82adcce3a58372804acc46be
- SHA1
  
  c579d9017d2c8298fe075ff5c05963901330e72a
- SHA256
  
  d1aaa7e7d31bf648c57f0c721d6f6ee2b17395b4e09d9d89a4f6dbd5dd706a8e
- SHA512
  
  7636912ba6323063cefb7fac5a6cff9e44a474e452a4d5d4f77ef88968266de184c68112e3667585e02e811781f51ee020e61ce820e3f9a38dcfdf30e6d522bd
- SSDEEP
  
  3072:sAAdrtFV2GenT0cTtm2LAQSXVqjzpYfJhpw7EHbH0hLNZ:ux2GenQ67wk3pyJhpwkUTZ
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnet

behavioral2

chinese_generic_botnetbotnetpersistence

© 2018-2024

Terms | Privacy