Overview

overview

10

Static

static

1

SL.exe

windows7-x64

10

SL.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SL.exe

  • Size

    3.5MB

  • Sample

    230418-wwmy6adc45

  • MD5

    93c2a75c217a41953020ca05fca91b6e

  • SHA1

    1a8fa114340d28093ce669dc6617c4e008be9508

  • SHA256

    aa4e98cc1072e0e9fd534328ed914142d95ae656ad8c7d1ef78c3240053a56a3

  • SHA512

    53e7d9dee6ca5f50ca5a9523ed50449e469dced460b78daea33b730465380992a33a5b79365cc464e6d50f2a487b0c6536856b9dfdf1dce8c8529ee66c9fa663

  • SSDEEP

    98304:hN8AFvakR4CspOvm8bkLOLqP3IHoFN6WtljaEy9OFLOAkGkzdnEVomFHKnPg:hvpFqOLqP3IHmN6WtljaEy4FLOyomFHj

Score
10/10
chinese_generic_botnetbotnet

Malware Config

Targets

    • Target

      SL.exe

    • Size

      3.5MB

    • MD5

      93c2a75c217a41953020ca05fca91b6e

    • SHA1

      1a8fa114340d28093ce669dc6617c4e008be9508

    • SHA256

      aa4e98cc1072e0e9fd534328ed914142d95ae656ad8c7d1ef78c3240053a56a3

    • SHA512

      53e7d9dee6ca5f50ca5a9523ed50449e469dced460b78daea33b730465380992a33a5b79365cc464e6d50f2a487b0c6536856b9dfdf1dce8c8529ee66c9fa663

    • SSDEEP

      98304:hN8AFvakR4CspOvm8bkLOLqP3IHoFN6WtljaEy9OFLOAkGkzdnEVomFHKnPg:hvpFqOLqP3IHmN6WtljaEy4FLOyomFHj

    Score
    10/10
    chinese_generic_botnetbotnet

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks