chinese_generic_botnet | 364e39ff3161639a0349ba68540d66e94bca3aeec6e14136f7fc315a2802f3ba | Triage

Submit
Reports

Overview

overview

Static

static

364e39ff31...ba.exe

windows7-x64

364e39ff31...ba.exe

windows10-2004-x64

Sharing

General

Target

364e39ff3161639a0349ba68540d66e94bca3aeec6e14136f7fc315a2802f3ba
Size

3.0MB
Sample

240320-l2rjeseb22
MD5

de374f2ca7f0b71e2ee9626679be4276
SHA1

19b4bf11baf75dc623c19216aa425ab1eab64727
SHA256

364e39ff3161639a0349ba68540d66e94bca3aeec6e14136f7fc315a2802f3ba
SHA512

06c6f75e3e9087b501e9c65ac124771a23caca3929b803deac038ebe0c35c0077c3da0e1b8406bd71aaccb55002641d1dfc1bf26dc764846e3cd16ad6ebd43d6
SSDEEP

49152:V/CUxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjCfJ:V/CUT0uDhVv4n4Mk

Score

10^/10

chinese_generic_botnet botnet persistence

Static task

static1

botnet chinese_generic_botnet

3 signatures

Behavioral task

behavioral1

Sample

364e39ff3161639a0349ba68540d66e94bca3aeec6e14136f7fc315a2802f3ba.exe

Resource

win7-20240221-en

chinese_generic_botnet botnet

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

364e39ff3161639a0349ba68540d66e94bca3aeec6e14136f7fc315a2802f3ba.exe

Resource

win10v2004-20240319-en

chinese_generic_botnet botnet persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  364e39ff3161639a0349ba68540d66e94bca3aeec6e14136f7fc315a2802f3ba
- Size
  
  3.0MB
- MD5
  
  de374f2ca7f0b71e2ee9626679be4276
- SHA1
  
  19b4bf11baf75dc623c19216aa425ab1eab64727
- SHA256
  
  364e39ff3161639a0349ba68540d66e94bca3aeec6e14136f7fc315a2802f3ba
- SHA512
  
  06c6f75e3e9087b501e9c65ac124771a23caca3929b803deac038ebe0c35c0077c3da0e1b8406bd71aaccb55002641d1dfc1bf26dc764846e3cd16ad6ebd43d6
- SSDEEP
  
  49152:V/CUxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjCfJ:V/CUT0uDhVv4n4Mk
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

botnetchinese_generic_botnet

behavioral1

chinese_generic_botnetbotnet

behavioral2

chinese_generic_botnetbotnetpersistence

© 2018-2024

Terms | Privacy