Overview

overview

10

Static

static

3

fc8fee6db4...8e.exe

windows7-x64

10

fc8fee6db4...8e.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fc8fee6db44791d4c1f760aa15955e762a6a248a4f0de55d2e8236c9f6235c8e

  • Size

    4.9MB

  • Sample

    231217-vh6nnsged8

  • MD5

    071c933af96d7e3c46a38262d8fe2024

  • SHA1

    b50ece28b9aa85efc0ee040275c3a6029cc927ae

  • SHA256

    fc8fee6db44791d4c1f760aa15955e762a6a248a4f0de55d2e8236c9f6235c8e

  • SHA512

    3bd6e212a775845479709933add0d67df5f0644b256c6b4fd61dbacc4b1a8eb9cdca30a2777c6f9a55a036c482349b87bf4199c1553734ac2096d0a68753d82d

  • SSDEEP

    49152:D8NAsurg//nk7xi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCzqx:oCsur+/k7T0uDhEv4n4Mf

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      fc8fee6db44791d4c1f760aa15955e762a6a248a4f0de55d2e8236c9f6235c8e

    • Size

      4.9MB

    • MD5

      071c933af96d7e3c46a38262d8fe2024

    • SHA1

      b50ece28b9aa85efc0ee040275c3a6029cc927ae

    • SHA256

      fc8fee6db44791d4c1f760aa15955e762a6a248a4f0de55d2e8236c9f6235c8e

    • SHA512

      3bd6e212a775845479709933add0d67df5f0644b256c6b4fd61dbacc4b1a8eb9cdca30a2777c6f9a55a036c482349b87bf4199c1553734ac2096d0a68753d82d

    • SSDEEP

      49152:D8NAsurg//nk7xi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCzqx:oCsur+/k7T0uDhEv4n4Mf

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks