Overview

overview

10

Static

static

5

14ae6f0c31...dc.exe

windows7-x64

10

14ae6f0c31...dc.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14ae6f0c312155322d1af339f78179e9feff394bce60c7d51b7a6801f3f8d7dc

  • Size

    386KB

  • Sample

    241206-nar2zszqhl

  • MD5

    7dc5ac82bb6ad9349aa264cf21b89f87

  • SHA1

    61904ea7be46eaf3749136d4095b1f158b8d70aa

  • SHA256

    14ae6f0c312155322d1af339f78179e9feff394bce60c7d51b7a6801f3f8d7dc

  • SHA512

    6223155c9ef7b79077b2d6f83f28c89dfa2fc6c8bec2a8ba9dccd8f5718139ea243ca44d7af6cc1d1365ec6986521b3ad59b7a7b7c0f8232be707493390cac9a

  • SSDEEP

    3072:N6h5LJ0Q0CJpiw1w1HoFN6WtljaJuloHs+dtE3KznO:N6h5LJ5TJgZ1HoFN6WtljaJul+pnE6j

Score
10/10
chinese_generic_botnetbotnetdiscoverypersistenceupx

Malware Config

Targets

    • Target

      14ae6f0c312155322d1af339f78179e9feff394bce60c7d51b7a6801f3f8d7dc

    • Size

      386KB

    • MD5

      7dc5ac82bb6ad9349aa264cf21b89f87

    • SHA1

      61904ea7be46eaf3749136d4095b1f158b8d70aa

    • SHA256

      14ae6f0c312155322d1af339f78179e9feff394bce60c7d51b7a6801f3f8d7dc

    • SHA512

      6223155c9ef7b79077b2d6f83f28c89dfa2fc6c8bec2a8ba9dccd8f5718139ea243ca44d7af6cc1d1365ec6986521b3ad59b7a7b7c0f8232be707493390cac9a

    • SSDEEP

      3072:N6h5LJ0Q0CJpiw1w1HoFN6WtljaJuloHs+dtE3KznO:N6h5LJ5TJgZ1HoFN6WtljaJul+pnE6j

    Score
    10/10
    chinese_generic_botnetbotnetdiscoveryupxpersistence

    • Chinese_generic_botnet family

      chinese_generic_botnet

    • Generic Chinese Botnet

      A botnet originating from China which is currently unnamed publicly.

      botnetchinese_generic_botnet

    • Chinese Botnet payload

      botnet

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks