chinese_generic_botnet | 4b7282953ad7e563143d8cc8c3dd1473216553d4ce5d7a4f8910af46db1298be | Triage

Sharing

General

Target

4b7282953ad7e563143d8cc8c3dd1473216553d4ce5d7a4f8910af46db1298be
Size

3.4MB
Sample

231211-m1vecseaf4
MD5

bdc7134d3e51b4aa6c90d02ab73e1e33
SHA1

780e8d4c1fd6da9db9355af1245aa0bb0443ea5f
SHA256

4b7282953ad7e563143d8cc8c3dd1473216553d4ce5d7a4f8910af46db1298be
SHA512

6665d22a8014e85dff430eaba65890e65ec3c240c21dca153a109049ca6633efb845fd95182b212420645271e6d0b28065145333d0dbc18e3aafabbf9e55bc4b
SSDEEP

49152:x/s8xxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjC8X9:x/s8xT0uDhVv4n4M1

Score

10^/10

chinese_generic_botnet botnet persistence

Malware Config

Targets

- Target
  
  4b7282953ad7e563143d8cc8c3dd1473216553d4ce5d7a4f8910af46db1298be
- Size
  
  3.4MB
- MD5
  
  bdc7134d3e51b4aa6c90d02ab73e1e33
- SHA1
  
  780e8d4c1fd6da9db9355af1245aa0bb0443ea5f
- SHA256
  
  4b7282953ad7e563143d8cc8c3dd1473216553d4ce5d7a4f8910af46db1298be
- SHA512
  
  6665d22a8014e85dff430eaba65890e65ec3c240c21dca153a109049ca6633efb845fd95182b212420645271e6d0b28065145333d0dbc18e3aafabbf9e55bc4b
- SSDEEP
  
  49152:x/s8xxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjC8X9:x/s8xT0uDhVv4n4M1
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnetpersistence

behavioral2

chinese_generic_botnetbotnetpersistence