General
Target: 9bf82f9aca633a2abf6f4a32c9167b8e673008fac45791cf0818554d61db2822
Size: 542KB
Sample: 240324-l2ff6aed8t
MD5: d23b1d1384a80398213687314fdf4c8d
SHA1: c8acb6532ea07f31f95715f1980d0b2e7ed78acf
SHA256: 9bf82f9aca633a2abf6f4a32c9167b8e673008fac45791cf0818554d61db2822
SHA512: f5d48875ae5cc3fee3bffa3fd579e8927623eff9b02bffc01ec3d6b87cf9e4dea17e4d3b718849f774826659819bfebc6e0aab74cccd9697bd111b5b5b3ccd01
SSDEEP: 3072:A5OsiQ79xzUcbK9LK/fzuaCrutJUDpRfmm5yqiXO+Zoy/6ESh0Jz5OdRSud:G7hoBO/fzxUpFmkgXO+T/6EJJNaSQ
Static task: static1
Behavioral task: behavioral1
Sample: 9bf82f9aca633a2abf6f4a32c9167b8e673008fac45791cf0818554d61db2822.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 9bf82f9aca633a2abf6f4a32c9167b8e673008fac45791cf0818554d61db2822.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 9bf82f9aca633a2abf6f4a32c9167b8e673008fac45791cf0818554d61db2822
Score: 10/10
- Generic Chinese Botnet: A botnet originating from China which is currently unnamed publicly.
- Chinese Botnet payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.