chinese_generic_botnet | b721f465619896e4803dd45f61ffaf78719c962d123bfc025fa8eb6a82929139 | Triage

Sharing

General

Target

b721f465619896e4803dd45f61ffaf78719c962d123bfc025fa8eb6a82929139
Size

3.0MB
Sample

240320-l15dwsea77
MD5

f4493c831d658f14c153d83f5c5078cb
SHA1

51e410cdb40e050961bc0ec9ae4890fe08133e87
SHA256

b721f465619896e4803dd45f61ffaf78719c962d123bfc025fa8eb6a82929139
SHA512

b2900fcbe47a9d3ece2c43bad9f5ddc4c83ff6a8c50d9a5a5f972053a42bb8ae296ecd497d4f54e30032d8fd938114a8aadba6e9c8e7ddbcde7690b796386e40
SSDEEP

49152:V/ZqDriDxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjCfJ:V/ZTT0uDhVv4n4Mk

Score

10^/10

chinese_generic_botnet botnet persistence

Malware Config

Targets

- Target
  
  b721f465619896e4803dd45f61ffaf78719c962d123bfc025fa8eb6a82929139
- Size
  
  3.0MB
- MD5
  
  f4493c831d658f14c153d83f5c5078cb
- SHA1
  
  51e410cdb40e050961bc0ec9ae4890fe08133e87
- SHA256
  
  b721f465619896e4803dd45f61ffaf78719c962d123bfc025fa8eb6a82929139
- SHA512
  
  b2900fcbe47a9d3ece2c43bad9f5ddc4c83ff6a8c50d9a5a5f972053a42bb8ae296ecd497d4f54e30032d8fd938114a8aadba6e9c8e7ddbcde7690b796386e40
- SSDEEP
  
  49152:V/ZqDriDxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjCfJ:V/ZTT0uDhVv4n4Mk
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

chinese_generic_botnetbotnet

behavioral2

chinese_generic_botnetbotnetpersistence