Overview

overview

10

Static

static

3

Script.exe

windows7-x64

10

Script.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Script.exe

  • Size

    748KB

  • Sample

    230815-ksmy7shg86

  • MD5

    5cdb63f3b705ea40e664394815e2bfb2

  • SHA1

    55d9409906a658531d963291d29b25b980061b3e

  • SHA256

    6644b72d27a0d5a6cc502b3903912a7ccbd292596e946a5c532e42532191fc67

  • SHA512

    b3c9057705d9bf575ca052e4cdad74acb380d2c568f71bd61238e1abf0c067b8e1e247501ce4ae46ed9a9ef96a8d4850b75bbd3c53c78929f236e6573c941a5e

  • SSDEEP

    6144:zHzIhp/8RJg8zO65HoFN6WtljaJul+pw8T:Lkkl5HoFN6WtljaElI9T

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      Script.exe

    • Size

      748KB

    • MD5

      5cdb63f3b705ea40e664394815e2bfb2

    • SHA1

      55d9409906a658531d963291d29b25b980061b3e

    • SHA256

      6644b72d27a0d5a6cc502b3903912a7ccbd292596e946a5c532e42532191fc67

    • SHA512

      b3c9057705d9bf575ca052e4cdad74acb380d2c568f71bd61238e1abf0c067b8e1e247501ce4ae46ed9a9ef96a8d4850b75bbd3c53c78929f236e6573c941a5e

    • SSDEEP

      6144:zHzIhp/8RJg8zO65HoFN6WtljaJul+pw8T:Lkkl5HoFN6WtljaElI9T

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks