General
-
Target
9553e9d5c162ee6bc5ebe0461a87e5d9d1c66c5be38c3293050d87cf8d048ca0
-
Size
3.3MB
-
Sample
240722-b8pnasvbqa
-
MD5
8ca55e334f4679e6aadc101833a19a38
-
SHA1
1b47cf80bfa6c7cb6f72fc0a1046e7ffa91b26a3
-
SHA256
9553e9d5c162ee6bc5ebe0461a87e5d9d1c66c5be38c3293050d87cf8d048ca0
-
SHA512
2ebfb891c70f544e1e886d2a98478cdae213323fdc6e741c0dc4082d929ff028fa2fbabe2bcab3f6e365085267da8b55d74af8142c994cf633752624b98e7892
-
SSDEEP
49152:m/CKxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjC+Fn05Ricx4PHzLbf:m/CKT0uDhVv4n4MbFn05Ricx4PHzLb
Malware Config
Targets
-
-
Target
9553e9d5c162ee6bc5ebe0461a87e5d9d1c66c5be38c3293050d87cf8d048ca0
-
Size
3.3MB
-
MD5
8ca55e334f4679e6aadc101833a19a38
-
SHA1
1b47cf80bfa6c7cb6f72fc0a1046e7ffa91b26a3
-
SHA256
9553e9d5c162ee6bc5ebe0461a87e5d9d1c66c5be38c3293050d87cf8d048ca0
-
SHA512
2ebfb891c70f544e1e886d2a98478cdae213323fdc6e741c0dc4082d929ff028fa2fbabe2bcab3f6e365085267da8b55d74af8142c994cf633752624b98e7892
-
SSDEEP
49152:m/CKxi03zDWi26fs2cWDAbcl7j1v4+9Ry4kjC+Fn05Ricx4PHzLbf:m/CKT0uDhVv4n4MbFn05Ricx4PHzLb
Score10/10-
Generic Chinese Botnet
A botnet originating from China which is currently unnamed publicly.
-
Chinese Botnet payload
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-