chinese_generic_botnet | a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666 | Triage

Sharing

General

Target

a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666
Size

584KB
Sample

240411-pg6dmabd32
MD5

25b1052f544cdf4c57ae8b90d83df1ac
SHA1

2b1d50060504fd8ec7cbeea25ac4774128ca014e
SHA256

a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666
SHA512

bc438cdcf7d7a8a74f57265f9bdc625373a6c0eb11ff9eac431ccf86abab4b6f18ee268108e1ef2053ca367c79385a159da80c7fa837cdf580e945c2e82cb584
SSDEEP

6144:V8+i1XKDBMZkRhJEHEkVsWqTWVHXJTuEeJhtqJPdk8hZZx:+9KDBnRhiEAqKV30d0Pdk8n

Score

10^/10

chinese_generic_botnet botnet persistence

Malware Config

Targets

- Target
  
  a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666
- Size
  
  584KB
- MD5
  
  25b1052f544cdf4c57ae8b90d83df1ac
- SHA1
  
  2b1d50060504fd8ec7cbeea25ac4774128ca014e
- SHA256
  
  a9ff0dd4a5ee46d64169a605a859d69f39b135df8bcc8a20b5a2c693aae65666
- SHA512
  
  bc438cdcf7d7a8a74f57265f9bdc625373a6c0eb11ff9eac431ccf86abab4b6f18ee268108e1ef2053ca367c79385a159da80c7fa837cdf580e945c2e82cb584
- SSDEEP
  
  6144:V8+i1XKDBMZkRhJEHEkVsWqTWVHXJTuEeJhtqJPdk8hZZx:+9KDBnRhiEAqKV30d0Pdk8n
Score

10^/10

chinese_generic_botnet botnet persistence
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnetpersistence

behavioral2

chinese_generic_botnetbotnetpersistence