General
-
Target
6fd3ed4b2d734357415467c53029248b7f08f0cdaa01b28a053bddc1151c7d2a
-
Size
5.8MB
-
Sample
230810-nws66scd78
-
MD5
19504b9af92b371ec5c786fb858f2258
-
SHA1
7abba1f59a7352208ae9a08b65f49920ac2ff379
-
SHA256
6fd3ed4b2d734357415467c53029248b7f08f0cdaa01b28a053bddc1151c7d2a
-
SHA512
9ef2e83f64974d870c98101a474763128afb674caf73c644771c2f13e0e75e49525f1aa7596d8c5a0fd6355ec5b184e48bfb6f316b13b98cb1d2bdfc9fdc00d1
-
SSDEEP
98304:AqVQ4tml/iUm4XHb8vFtYkQsrSz9rAmLJHORm6UJamI3LeojzZARZpkAdcc6IjWF:/J+jX7oDPrSpru+W3KMZkvdagNXhJs0I
Static task
static1
Behavioral task
behavioral1
Sample
6fd3ed4b2d734357415467c53029248b7f08f0cdaa01b28a053bddc1151c7d2a.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
6fd3ed4b2d734357415467c53029248b7f08f0cdaa01b28a053bddc1151c7d2a.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
Target
6fd3ed4b2d734357415467c53029248b7f08f0cdaa01b28a053bddc1151c7d2a
-
Score
10/10
-
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
-
Chinese Botnet payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-