chinese_generic_botnet | ff526968ee5a3aa4891f5e9bf0ac2790797762b5eaf34d47f5058f64c5908a13 | Triage

Submit
Reports

Overview

overview

Static

static

1

ZJ.exe

windows7-x64

ZJ.exe

windows10-2004-x64

Sharing

General

Target

ZJ.exe
Size

2.3MB
Sample

230418-wwr8wafa2v
MD5

1610c7cceefdeae7b7ac5367c73d040f
SHA1

f4387ef0b446a41909ab27437d1926cefd51c28a
SHA256

ff526968ee5a3aa4891f5e9bf0ac2790797762b5eaf34d47f5058f64c5908a13
SHA512

9e44567d492a080ba487f651fc808f4ea1ecab6e142bb47dca462175b88b2859d0ee4b9bc7399ffee880ada5897d31333e243b6509450829edb81cddf83140f5
SSDEEP

49152:wVPKtAZe39RT9D2PwgOWH3+E3B2EU9Dcg7ODwI5p/2QAm15fHoFN6WtljaEy93aB:EKSgtRT52nOWHrR2EUigUD5p/2QAofHl

Score

10^/10

chinese_generic_botnet botnet

Static task

static1

Behavioral task

behavioral1

Sample

ZJ.exe

Resource

win7-20230220-en

chinese_generic_botnet botnet

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ZJ.exe

Resource

win10v2004-20230220-en

chinese_generic_botnet botnet

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  ZJ.exe
- Size
  
  2.3MB
- MD5
  
  1610c7cceefdeae7b7ac5367c73d040f
- SHA1
  
  f4387ef0b446a41909ab27437d1926cefd51c28a
- SHA256
  
  ff526968ee5a3aa4891f5e9bf0ac2790797762b5eaf34d47f5058f64c5908a13
- SHA512
  
  9e44567d492a080ba487f651fc808f4ea1ecab6e142bb47dca462175b88b2859d0ee4b9bc7399ffee880ada5897d31333e243b6509450829edb81cddf83140f5
- SSDEEP
  
  49152:wVPKtAZe39RT9D2PwgOWH3+E3B2EU9Dcg7ODwI5p/2QAm15fHoFN6WtljaEy93aB:EKSgtRT52nOWHrR2EUigUD5p/2QAofHl
Score

10^/10

chinese_generic_botnet botnet
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnet

behavioral2

chinese_generic_botnetbotnet

© 2018-2024

Terms | Privacy