General
-
Target
922b693de9579da71cb893c1ed0fb75bdbb6f6ce9684f6549d3f12b202704302
-
Size
3.1MB
-
Sample
230413-eldt3aaf4x
-
MD5
4d6175dd80a5696b672a54c60e88fc0d
-
SHA1
97ff12946f0701a7535ac58d35461bb429ab385c
-
SHA256
922b693de9579da71cb893c1ed0fb75bdbb6f6ce9684f6549d3f12b202704302
-
SHA512
43ec95734baa2382f4fc8ca21a919b23a3f95c715d797a22da921eb10b64af5a78b7b6618bea322969a81f1cdea27a71f94f256ea68d0fe8ea4e62ee74507b3a
-
SSDEEP
98304:2Z9KU4N0c8jAymp3HT1UO+YCezFLOAkGkzdnEVomFHKnPI:2ZbJO+YCezFLOyomFHKnPI
Malware Config
Targets
-
-
Target
922b693de9579da71cb893c1ed0fb75bdbb6f6ce9684f6549d3f12b202704302
-
Size
3.1MB
-
MD5
4d6175dd80a5696b672a54c60e88fc0d
-
SHA1
97ff12946f0701a7535ac58d35461bb429ab385c
-
SHA256
922b693de9579da71cb893c1ed0fb75bdbb6f6ce9684f6549d3f12b202704302
-
SHA512
43ec95734baa2382f4fc8ca21a919b23a3f95c715d797a22da921eb10b64af5a78b7b6618bea322969a81f1cdea27a71f94f256ea68d0fe8ea4e62ee74507b3a
-
SSDEEP
98304:2Z9KU4N0c8jAymp3HT1UO+YCezFLOAkGkzdnEVomFHKnPI:2ZbJO+YCezFLOyomFHKnPI
Score10/10-
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
-
Chinese Botnet payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-