Overview

overview

8

Static

static

3

TeamSyncBotnet.zip

windows11-21h2-x64

Botnet/Botnet.bat

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    TeamSyncBotnet.zip

  • Size

    1011KB

  • Sample

    240812-l8994s1akc

  • MD5

    2a27a138d8a1f1a34d4149427b69d785

  • SHA1

    35a9941c175222d9704970e931b6760142d4eeda

  • SHA256

    653cfd27b7e988561a5b7af281fc8e0e60285e26a60467b4dcef70590327f728

  • SHA512

    c98b7903b302c21c8777abe0521ae79682c7da4531fddfece4d8aeeb11f418ed136bde579e7a0ff89da66d140e0f953eb4779e13cc64a4edc7a676d299b0811b

  • SSDEEP

    24576:m9MM9cuzAR3RyDlEKu3n81Sfcu91HHu1Mu/L1wzQtYJ:C9BzUhyDldu3nQW9BHgMKL1wzQ+J

Score
8/10
discoveryexecutionpersistence

Malware Config

Targets

    • Target

      TeamSyncBotnet.zip

    • Size

      1011KB

    • MD5

      2a27a138d8a1f1a34d4149427b69d785

    • SHA1

      35a9941c175222d9704970e931b6760142d4eeda

    • SHA256

      653cfd27b7e988561a5b7af281fc8e0e60285e26a60467b4dcef70590327f728

    • SHA512

      c98b7903b302c21c8777abe0521ae79682c7da4531fddfece4d8aeeb11f418ed136bde579e7a0ff89da66d140e0f953eb4779e13cc64a4edc7a676d299b0811b

    • SSDEEP

      24576:m9MM9cuzAR3RyDlEKu3n81Sfcu91HHu1Mu/L1wzQtYJ:C9BzUhyDldu3nQW9BHgMKL1wzQ+J

    Score
    8/10
    discoveryexecutionpersistence

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution

    • Adds Run key to start application

      persistence
    behavioral1

    • Target

      Botnet/Botnet.bat

    • Size

      1.8MB

    • MD5

      40b83f775740cabe66634fa2c365cc20

    • SHA1

      9c4ad5d8e0376c743f96468093b8656ca2d84d4a

    • SHA256

      038b8a10585b6b8e81454d978fe4aabb22b28ea93a17b7b14aeaef66d3efac2c

    • SHA512

      5025429e59af940fca37ada795b925dccbb23bf7e35169bc95b20cc77be828a288621c8a0f184cf481eed1ee5bee473089c6d5b88728148e9f310cf69b7cd5a2

    • SSDEEP

      24576:2WZ5oeL8NVRVM+VjRl+H4bZBkhWlacFz66eFcI6mBevOnFOZqd9NnVPpWkX+C0kZ:2H3Rzghw7+6UrgvOFUeUdqb0q

    Score
    8/10
    execution

    • Command and Scripting Interpreter: PowerShell

      Run Powershell and hide display window.

      execution
    behavioral2

MITRE ATT&CK Enterprise v15

Tasks