chinese_generic_botnet | f037ec8fd020a81f781f7754d9656f63e339a1ff3a1ff2f11034972effee1e43

General

Target

f037ec8fd020a81f781f7754d9656f63e339a1ff3a1ff2f11034972effee1e43
Size

2.8MB
MD5

15d55cdd3359963196741068a7ea0596
SHA1

9b6a61dfd5e75fc3a7b786cc127bae2e390e50f2
SHA256

f037ec8fd020a81f781f7754d9656f63e339a1ff3a1ff2f11034972effee1e43
SHA512

dac08d2a51c8a68bcca3766f639d2ebe4d4f7241a07262583dcadd4d0bc6cdbe25efe187a91df95321eefa02b35669dae3c7ef44730f3f8cd1d0bc810c208275
SSDEEP

49152:0pVExi03zDWi26fs2cWDAbclEdvqDM5OywR:0pVET0uDhGiQOywR

Score

10^/10

botnet chinese_generic_botnet

Malware Config

Signatures

Chinese Botnet payload 1 IoCs

botnet

resource	yara_rule
sample	unk_chinese_botnet

Chinese_generic_botnet family
chinese_generic_botnet

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f037ec8fd020a81f781f7754d9656f63e339a1ff3a1ff2f11034972effee1e43

Files

f037ec8fd020a81f781f7754d9656f63e339a1ff3a1ff2f11034972effee1e43
.exe windows x86

4fef9cbafe30eaf2abce3936ccacfc04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation

user32

MessageBeep

gdi32

PtVisible

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

comctl32

ImageList_Destroy

odbc32

ord17

oledlg

ord8

ole32

OleUninitialize

olepro32

ord253

oleaut32

SysAllocStringByteLen

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

shell32

SHGetFolderPathW

Sections

.text
Size: 1.9MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sedata
Size: 888KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fef9cbafe30eaf2abce3936ccacfc04

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

odbc32

oledlg

ole32

olepro32

oleaut32

msvcrt

iphlpapi

psapi

shell32

Sections

.text Size: 1.9MB - Virtual size: 3.0MB

.sedata Size: 888KB - Virtual size: 888KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.9MB - Virtual size: 3.0MB

.sedata
Size: 888KB - Virtual size: 888KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB