Overview

overview

10

Static

static

10

shark_botnet_c2.zip

windows7-x64

7

shark_botnet_c2.zip

windows10-2004-x64

1

WinDivert.dll

windows7-x64

1

WinDivert.dll

windows10-2004-x64

1

WinDivert64.sys

windows7-x64

1

WinDivert64.sys

windows10-2004-x64

1

barrier.cpp

windows7-x64

3

barrier.cpp

windows10-2004-x64

3

desktop.ini

windows7-x64

1

desktop.ini

windows10-2004-x64

1

sharkbotnetc2.exe

windows7-x64

7

sharkbotnetc2.exe

windows10-2004-x64

8

���k�Yv.pyc

windows7-x64

���k�Yv.pyc

windows10-2004-x64

xmmintrin.h

windows7-x64

3

xmmintrin.h

windows10-2004-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-11-2024 19:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    shark_botnet_c2.zip

  • Size

    6.8MB

  • MD5

    bf52fb2803cc805f797b2f00ceb4260d

  • SHA1

    6724edfefaaa0ac387d6f7bfae9ad6280eb6908a

  • SHA256

    ba9ada271c0e3bb2c53762c41a19f414811f8b3079e107adbb64edbed4b45b53

  • SHA512

    396880f658cb8b7289332db46b88a89a89dd3613295b5fb6919a1919607438b70054a2909cebf5f9f563485701f3176ecf4de6c7da728d4eba5775bdb06573c6

  • SSDEEP

    196608:wPjxTGiNv++tfZT1dKp+nK6kbQ3sxInFWt:wZNvttfZTiUtkU3scO

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Program Files\7-Zip\7zFM.exe
    "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\AppData\Local\Temp\shark_botnet_c2.zip"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    PID:3840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads