Overview

overview

10

Static

static

3

59fcc0c5a1...c8.exe

windows7-x64

10

59fcc0c5a1...c8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    59fcc0c5a123dc0a67d61c57164ba5ea344a10101ad7bd6d3c3404c7e55f06c8

  • Size

    4.0MB

  • Sample

    240101-j2vjzahda8

  • MD5

    0e9380c75030b8154997b4e8310357b3

  • SHA1

    76ced34528c734c9871e774a6bd9cc1decffb2a4

  • SHA256

    59fcc0c5a123dc0a67d61c57164ba5ea344a10101ad7bd6d3c3404c7e55f06c8

  • SHA512

    be3b4675e43f3ef13014a7ac8e63df4073696997d786e03bd62bc0c9ae695af215011583ca50dc47ad4db8048de9c2e071db7c4e7749834534d80f5251416ba6

  • SSDEEP

    49152:A+CNRa23/nk7xi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCzSC:bIRa23/k7T0uDhEv4n4Mm

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      59fcc0c5a123dc0a67d61c57164ba5ea344a10101ad7bd6d3c3404c7e55f06c8

    • Size

      4.0MB

    • MD5

      0e9380c75030b8154997b4e8310357b3

    • SHA1

      76ced34528c734c9871e774a6bd9cc1decffb2a4

    • SHA256

      59fcc0c5a123dc0a67d61c57164ba5ea344a10101ad7bd6d3c3404c7e55f06c8

    • SHA512

      be3b4675e43f3ef13014a7ac8e63df4073696997d786e03bd62bc0c9ae695af215011583ca50dc47ad4db8048de9c2e071db7c4e7749834534d80f5251416ba6

    • SSDEEP

      49152:A+CNRa23/nk7xi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCzSC:bIRa23/k7T0uDhEv4n4Mm

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks