Overview

overview

10

Static

static

3

e4f58ce977...9f.exe

windows7-x64

10

e4f58ce977...9f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e4f58ce9777bdc2aede3ec7e2d03540417a9e145929aa94d042e5ec4e441c19f

  • Size

    636KB

  • Sample

    231002-m19t2sba76

  • MD5

    97d7cd02edcf10c9080bd2284a46fc1b

  • SHA1

    e179694627f7a194e492461ed58fa875e0b2f127

  • SHA256

    e4f58ce9777bdc2aede3ec7e2d03540417a9e145929aa94d042e5ec4e441c19f

  • SHA512

    b272f7abde944e24695f33ec141deb35e3e6c641151d70f76234f218794be4d15817f9baa537051b22613f188116960e533c3f4d5b9e489ba98f1e34d5fd03d9

  • SSDEEP

    6144:ZWMjNEqWNAML6edtpVYSDvEocoBMPAC6aRMJHaCVJw+0:Zvuq2RL3ddLEc9C6aOJ6t

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      e4f58ce9777bdc2aede3ec7e2d03540417a9e145929aa94d042e5ec4e441c19f

    • Size

      636KB

    • MD5

      97d7cd02edcf10c9080bd2284a46fc1b

    • SHA1

      e179694627f7a194e492461ed58fa875e0b2f127

    • SHA256

      e4f58ce9777bdc2aede3ec7e2d03540417a9e145929aa94d042e5ec4e441c19f

    • SHA512

      b272f7abde944e24695f33ec141deb35e3e6c641151d70f76234f218794be4d15817f9baa537051b22613f188116960e533c3f4d5b9e489ba98f1e34d5fd03d9

    • SSDEEP

      6144:ZWMjNEqWNAML6edtpVYSDvEocoBMPAC6aRMJHaCVJw+0:Zvuq2RL3ddLEc9C6aOJ6t

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks