Overview

overview

10

Static

static

3

ac6031032a...0f.exe

windows7-x64

10

ac6031032a...0f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ac6031032aa78a2d47d0956ed94d71920bc849d634006c2b46b138e8593add0f

  • Size

    356KB

  • Sample

    231028-xf4gmsgc72

  • MD5

    6b96baef4479a4b649e66bcc386fa3bf

  • SHA1

    450858c469c2b71039ef7aebdd23ba091b8ee192

  • SHA256

    ac6031032aa78a2d47d0956ed94d71920bc849d634006c2b46b138e8593add0f

  • SHA512

    db6562b341d77cd2b0b4acee27d02fb38a4be7ad6223670cf10bf555390d26e906ff462acbb664c8b222cc0e842ad89942e65a365d4061a46160011e9f832030

  • SSDEEP

    1536:riRtp/YdUQtoRp13IOkQNXVfhNrqjlPQbd7MnHDpsOf2AD92KO9AZCM7ED:rAAdrtoRP3DX9hNujlPQb6nr2KOE7ED

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      ac6031032aa78a2d47d0956ed94d71920bc849d634006c2b46b138e8593add0f

    • Size

      356KB

    • MD5

      6b96baef4479a4b649e66bcc386fa3bf

    • SHA1

      450858c469c2b71039ef7aebdd23ba091b8ee192

    • SHA256

      ac6031032aa78a2d47d0956ed94d71920bc849d634006c2b46b138e8593add0f

    • SHA512

      db6562b341d77cd2b0b4acee27d02fb38a4be7ad6223670cf10bf555390d26e906ff462acbb664c8b222cc0e842ad89942e65a365d4061a46160011e9f832030

    • SSDEEP

      1536:riRtp/YdUQtoRp13IOkQNXVfhNrqjlPQbd7MnHDpsOf2AD92KO9AZCM7ED:rAAdrtoRP3DX9hNujlPQb6nr2KOE7ED

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks