chinese_generic_botnet | ebae15aba3e02649b04dd0ff7391fedd37f25fcafff43240cf74522b50a63515 | Triage

Sharing

General

Target

ebae15aba3e02649b04dd0ff7391fedd37f25fcafff43240cf74522b50a63515
Size

3.3MB
Sample

231019-kcg31seh7s
MD5

4c2c1b495ec564c56c378b75b5f43381
SHA1

11571e5ffb21b432f2aa1cb47aa8700f75502f47
SHA256

ebae15aba3e02649b04dd0ff7391fedd37f25fcafff43240cf74522b50a63515
SHA512

513676a5c627582b489fea3755b41b1b155ff8e5983957e6a65a835feeca6ed0dfb77814eb9671b90f1563a6d77d82acd7d4fbdbb6aa84ddfc419ae6ee3694d0
SSDEEP

49152:t/fCr0xi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCz:t/fCgT0uDhEv4n4M

Score

10^/10

chinese_generic_botnet botnet persistence

Malware Config

Targets

- Target
  
  ebae15aba3e02649b04dd0ff7391fedd37f25fcafff43240cf74522b50a63515
- Size
  
  3.3MB
- MD5
  
  4c2c1b495ec564c56c378b75b5f43381
- SHA1
  
  11571e5ffb21b432f2aa1cb47aa8700f75502f47
- SHA256
  
  ebae15aba3e02649b04dd0ff7391fedd37f25fcafff43240cf74522b50a63515
- SHA512
  
  513676a5c627582b489fea3755b41b1b155ff8e5983957e6a65a835feeca6ed0dfb77814eb9671b90f1563a6d77d82acd7d4fbdbb6aa84ddfc419ae6ee3694d0
- SSDEEP
  
  49152:t/fCr0xi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCz:t/fCgT0uDhEv4n4M
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnetpersistence

behavioral2

chinese_generic_botnetbotnetpersistence