Analysis

  • max time kernel
    154s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231020-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22-10-2023 07:39

General

  • Target

    59875331514cd48d53e0a25aad1a1b63abe7b678bdc960fc70b20b7dc2ae846d.exe

  • Size

    352KB

  • MD5

    a83e8401e77d98c2774e97f0040929d1

  • SHA1

    1f66f6e6601ea5ddcd2bf037ed98f680ae1a1e41

  • SHA256

    59875331514cd48d53e0a25aad1a1b63abe7b678bdc960fc70b20b7dc2ae846d

  • SHA512

    1c61199b5a532bb9c61472f7d9ea62b324c50af0ac79a5c0c78b000b722a791c90488a80833115ed1c0b3ecda6f74fb48d9ec5efff71153d99c4e3e713456ee8

  • SSDEEP

    3072:fAAdrt8RlVl4bbZlVzWAX6bN56wV14gL7E:VjDVzWs6X6wV14gL

Malware Config

Signatures

  • Generic Chinese Botnet

    A botnet originating from China which is currently unnamed publicly.

  • Chinese Botnet payload 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\59875331514cd48d53e0a25aad1a1b63abe7b678bdc960fc70b20b7dc2ae846d.exe
    "C:\Users\Admin\AppData\Local\Temp\59875331514cd48d53e0a25aad1a1b63abe7b678bdc960fc70b20b7dc2ae846d.exe"
    • Suspicious behavior: RenamesItself
    PID:516

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/516-0-0x0000000010000000-0x0000000010018000-memory.dmp

    Filesize: 96KB