General
Target: 6f3c5beb8ae5c15c8b2931ea2c2e1223dce24b109352118112faefef681a7b00
Size: 5.8MB
Sample: 230810-nahtbaea91
MD5: fc58c304dc6df3e9df194e0048dc3cc6
SHA1: b35a41e940ffcc68ab03d60c7398bfeb781bf0f4
SHA256: 6f3c5beb8ae5c15c8b2931ea2c2e1223dce24b109352118112faefef681a7b00
SHA512: 801175fed116707a42f2fa0f737731f6bf247bbede8459698752e8b464644b39ee4eaddfaf4cead56e5766d548ae691fc23653b8a5d85cfb39228186567667d7
SSDEEP: 98304:AqVQ4tml/iUm4XHb8vFtYkQWrSz9rAmLJHORm6UJamI3LeojzZARZpkAdcc6IjWF:/J+jX7oDhrSpru+W3KMZkvdagNXhJs0I
Static task: static1
Behavioral task: behavioral1
Sample: 6f3c5beb8ae5c15c8b2931ea2c2e1223dce24b109352118112faefef681a7b00.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 6f3c5beb8ae5c15c8b2931ea2c2e1223dce24b109352118112faefef681a7b00.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: 6f3c5beb8ae5c15c8b2931ea2c2e1223dce24b109352118112faefef681a7b00
Score: 10/10
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
Chinese Botnet payload
Executes dropped EXE
Adds Run key to start application
Suspicious use of NtSetInformationThreadHideFromDebugger