Overview

overview

10

Static

static

3

e8f95363f0...5f.exe

windows7-x64

10

e8f95363f0...5f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e8f95363f0be9ca630f340dbad8df79238f9a1d14bc73ef7202c7a9212e35b5f

  • Size

    3.3MB

  • Sample

    240318-gq3ebsaa24

  • MD5

    c9640bea57f52febe2c4f54144ffb958

  • SHA1

    046a7668c151d03c0c901f23cbb2eff67f4d3ea5

  • SHA256

    e8f95363f0be9ca630f340dbad8df79238f9a1d14bc73ef7202c7a9212e35b5f

  • SHA512

    94cd7b56dd21efc0c7ddc5cb5bf5c04196cf147ef096518f244740603f3e123a854a13217c8da06ca92cce05c3f2b5f4b011a1d423d221fe9d611b69ea734271

  • SSDEEP

    49152:t/+Uxi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCz:t/TT0uDhEv4n4M

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      e8f95363f0be9ca630f340dbad8df79238f9a1d14bc73ef7202c7a9212e35b5f

    • Size

      3.3MB

    • MD5

      c9640bea57f52febe2c4f54144ffb958

    • SHA1

      046a7668c151d03c0c901f23cbb2eff67f4d3ea5

    • SHA256

      e8f95363f0be9ca630f340dbad8df79238f9a1d14bc73ef7202c7a9212e35b5f

    • SHA512

      94cd7b56dd21efc0c7ddc5cb5bf5c04196cf147ef096518f244740603f3e123a854a13217c8da06ca92cce05c3f2b5f4b011a1d423d221fe9d611b69ea734271

    • SSDEEP

      49152:t/+Uxi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCz:t/TT0uDhEv4n4M

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks