Overview

overview

10

Static

static

3

1c4a913ffc...52.dll

windows7-x64

10

1c4a913ffc...52.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752

  • Size

    105KB

  • Sample

    230829-dcc1qscf4y

  • MD5

    576b1abb539be5085a054f00b58d2ca9

  • SHA1

    c52fcb422d99ac9764c2f5688d1476a55969a980

  • SHA256

    1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752

  • SHA512

    6ffb7b743581747f1d02d7f65a8dcfab03d6b29743d42f3d47870faa7494617d6f3436bff25f2727fd224dd4469b3b8357c891096fd9f0c31d2d2b6f35425f34

  • SSDEEP

    1536:IJLM+cWIWGZpnMM0N12XvcBuqsu0+6ma+McfHfjsWjcdFjVODSTRD:kLM+epZpnT0NIXLFP+t/MFjVO+VD

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752

    • Size

      105KB

    • MD5

      576b1abb539be5085a054f00b58d2ca9

    • SHA1

      c52fcb422d99ac9764c2f5688d1476a55969a980

    • SHA256

      1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752

    • SHA512

      6ffb7b743581747f1d02d7f65a8dcfab03d6b29743d42f3d47870faa7494617d6f3436bff25f2727fd224dd4469b3b8357c891096fd9f0c31d2d2b6f35425f34

    • SSDEEP

      1536:IJLM+cWIWGZpnMM0N12XvcBuqsu0+6ma+McfHfjsWjcdFjVODSTRD:kLM+epZpnT0NIXLFP+t/MFjVO+VD

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Blocklisted process makes network request

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks