Analysis
-
max time kernel
147s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
23-06-2024 09:46
General
-
Target
e3d105dc1dd582851c2c91cd4c0236224aca8a26670112e52750209527ef92aa.exe
-
Size
1.0MB
-
MD5
5194004ec7dc8f3b91532982e07ed868
-
SHA1
58c3ab31d2c38e28939d0ff440dd567ba97a85c6
-
SHA256
e3d105dc1dd582851c2c91cd4c0236224aca8a26670112e52750209527ef92aa
-
SHA512
bd75ba602227ef1076ccb529c88cfd1d641fe21952f9796628e7dde31c1b0323cf45c267e1e350dacefd850c565bacfd13efc75147138f474c514f61582c3ac2
-
SSDEEP
3072:r3yG5wEOTetgIGjxyr3KMLu9vJGq0wSCKY2vMY2iudSZjuZj7QDYQG4jvmat896K:Tyq9ptgIsxITrY0QMuQDYQ9jv89Ak
Score
10/10
Malware Config
Signatures
-
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
-
Chinese Botnet payload 1 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\e3d105dc1dd582851c2c91cd4c0236224aca8a26670112e52750209527ef92aa.exe"C:\Users\Admin\AppData\Local\Temp\e3d105dc1dd582851c2c91cd4c0236224aca8a26670112e52750209527ef92aa.exe"1⤵
- Adds Run key to start application
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
96KB