Overview

overview

10

Static

static

3

3351ac292f...46.exe

windows7-x64

10

3351ac292f...46.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3351ac292fd921a75e41b7bda501be4cfd6f551236c3b10bf6258ffed27c7146

  • Size

    352KB

  • Sample

    230814-qad68sea9t

  • MD5

    cbf902314b0080095e39f4e8dd2e7f9c

  • SHA1

    e9735cb4ef89d323e5df20fbd9b57bafdd6afea3

  • SHA256

    3351ac292fd921a75e41b7bda501be4cfd6f551236c3b10bf6258ffed27c7146

  • SHA512

    26f12100aacaba41890faf3fc7c5f6b25607d4f3ba1f66337c484b11a52c9e27e0a7061c8dde9c8a8b2305a766387e4659c801150fcab00989187750128deca5

  • SSDEEP

    3072:fAAdrtFV2GenT0cTtm2LAQSXVqjzpYfJhcw7E:Vx2GenQ67wk3pyJhcw

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      3351ac292fd921a75e41b7bda501be4cfd6f551236c3b10bf6258ffed27c7146

    • Size

      352KB

    • MD5

      cbf902314b0080095e39f4e8dd2e7f9c

    • SHA1

      e9735cb4ef89d323e5df20fbd9b57bafdd6afea3

    • SHA256

      3351ac292fd921a75e41b7bda501be4cfd6f551236c3b10bf6258ffed27c7146

    • SHA512

      26f12100aacaba41890faf3fc7c5f6b25607d4f3ba1f66337c484b11a52c9e27e0a7061c8dde9c8a8b2305a766387e4659c801150fcab00989187750128deca5

    • SSDEEP

      3072:fAAdrtFV2GenT0cTtm2LAQSXVqjzpYfJhcw7E:Vx2GenQ67wk3pyJhcw

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks