chinese_generic_botnet | 57d55049a0bceaf021c28b7a7395c365e6402855b3122a8c165c381f5a7b1bd6 | Triage

Submit
Reports

Overview

overview

Static

static

3

57d55049a0...d6.exe

windows7-x64

57d55049a0...d6.exe

windows10-2004-x64

Sharing

General

Target

57d55049a0bceaf021c28b7a7395c365e6402855b3122a8c165c381f5a7b1bd6
Size

3.3MB
Sample

240221-bz9xwahf87
MD5

6a8e1430e7d9394ba37636e62be5e9fb
SHA1

f53b02f63ee7be4c5d7b0e03faab0102f4dca537
SHA256

57d55049a0bceaf021c28b7a7395c365e6402855b3122a8c165c381f5a7b1bd6
SHA512

7eb63dfbdf1b26d18768f1d99a82ee6544d635bed3f60790f7329df5c09f5e59a47a38016e20bc58a1341b17a8df524273c5b91ad7ada4342b47159d693b16d8
SSDEEP

49152:T0UdoogeHa+Fw0TNMC2yvOPVGpI3tzlGCGc7gTmiue7vVwtWv:PpNw0TNMC0PVsUFlGCGSgyia0

Score

10^/10

chinese_generic_botnet botnet persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

57d55049a0bceaf021c28b7a7395c365e6402855b3122a8c165c381f5a7b1bd6.exe

Resource

win7-20231215-en

chinese_generic_botnet botnet

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

57d55049a0bceaf021c28b7a7395c365e6402855b3122a8c165c381f5a7b1bd6.exe

Resource

win10v2004-20231215-en

chinese_generic_botnet botnet persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  57d55049a0bceaf021c28b7a7395c365e6402855b3122a8c165c381f5a7b1bd6
- Size
  
  3.3MB
- MD5
  
  6a8e1430e7d9394ba37636e62be5e9fb
- SHA1
  
  f53b02f63ee7be4c5d7b0e03faab0102f4dca537
- SHA256
  
  57d55049a0bceaf021c28b7a7395c365e6402855b3122a8c165c381f5a7b1bd6
- SHA512
  
  7eb63dfbdf1b26d18768f1d99a82ee6544d635bed3f60790f7329df5c09f5e59a47a38016e20bc58a1341b17a8df524273c5b91ad7ada4342b47159d693b16d8
- SSDEEP
  
  49152:T0UdoogeHa+Fw0TNMC2yvOPVGpI3tzlGCGc7gTmiue7vVwtWv:PpNw0TNMC0PVsUFlGCGSgyia0
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

chinese_generic_botnetbotnet

behavioral2

chinese_generic_botnetbotnetpersistence

© 2018-2024

Terms | Privacy