Overview

overview

10

Static

static

3

f22b785b33...e9.exe

windows7-x64

10

f22b785b33...e9.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f22b785b33c40c33339c6aca991d641eed3242d26d3aeab1dcb09b2d98989ce9

  • Size

    3.3MB

  • Sample

    240713-hcwkaszdmj

  • MD5

    0d3bbd53d76c3b625da39c50fb00ea30

  • SHA1

    2c919e370cf9166b91f3d586a1618df24a349d7c

  • SHA256

    f22b785b33c40c33339c6aca991d641eed3242d26d3aeab1dcb09b2d98989ce9

  • SHA512

    bd919245623db347895af691c8d7705740aa39e9c44a634aa9c8f9918125de46c955cc69397a9caf84203a033750d4443552f08e64bc74305111bed339b07168

  • SSDEEP

    49152:t/3Uxi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCz:t/ET0uDhEv4n4M

Score
10/10
chinese_generic_botnetbotnetpersistence

Malware Config

Targets

    • Target

      f22b785b33c40c33339c6aca991d641eed3242d26d3aeab1dcb09b2d98989ce9

    • Size

      3.3MB

    • MD5

      0d3bbd53d76c3b625da39c50fb00ea30

    • SHA1

      2c919e370cf9166b91f3d586a1618df24a349d7c

    • SHA256

      f22b785b33c40c33339c6aca991d641eed3242d26d3aeab1dcb09b2d98989ce9

    • SHA512

      bd919245623db347895af691c8d7705740aa39e9c44a634aa9c8f9918125de46c955cc69397a9caf84203a033750d4443552f08e64bc74305111bed339b07168

    • SSDEEP

      49152:t/3Uxi03zDWi26fs2cWDAbcl7jkv4+9Ry4kjCz:t/ET0uDhEv4n4M

    Score
    10/10
    chinese_generic_botnetbotnetpersistence

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks