chinese_generic_botnet | 6c6e4c6cf38a5a5e7b180a08ec0c74a34c8a569d280af665a29ce02c7b10e678 | Triage

Sharing

General

Target

6c6e4c6cf38a5a5e7b180a08ec0c74a34c8a569d280af665a29ce02c7b10e678
Size

1004KB
Sample

230822-3g67tagb84
MD5

73639ed559bd66109f502a52615058b5
SHA1

82b6fe35c2ab91bba9dd93dab12bac61ca035d91
SHA256

6c6e4c6cf38a5a5e7b180a08ec0c74a34c8a569d280af665a29ce02c7b10e678
SHA512

5a1b21a2c69cb7df2f63a82d03c20beaacbd01cb8d37f3286cbd1596fc5f1ffbdd63d842ebd0a5725b83b00e6f9e08805725b430fc66573e1a4956189a44f5c9
SSDEEP

6144:pyq9ptgIsxITrY0f7/yGsHVjz828P7uk:NxgIsxITrLf7KH1jz8k

Score

10^/10

chinese_generic_botnet botnet persistence

Malware Config

Targets

- Target
  
  6c6e4c6cf38a5a5e7b180a08ec0c74a34c8a569d280af665a29ce02c7b10e678
- Size
  
  1004KB
- MD5
  
  73639ed559bd66109f502a52615058b5
- SHA1
  
  82b6fe35c2ab91bba9dd93dab12bac61ca035d91
- SHA256
  
  6c6e4c6cf38a5a5e7b180a08ec0c74a34c8a569d280af665a29ce02c7b10e678
- SHA512
  
  5a1b21a2c69cb7df2f63a82d03c20beaacbd01cb8d37f3286cbd1596fc5f1ffbdd63d842ebd0a5725b83b00e6f9e08805725b430fc66573e1a4956189a44f5c9
- SSDEEP
  
  6144:pyq9ptgIsxITrY0f7/yGsHVjz828P7uk:NxgIsxITrLf7KH1jz8k
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnetpersistence

behavioral2

chinese_generic_botnetbotnetpersistence