chinese_generic_botnet | 5aa0d47dea576a9fe8dccada94d0fd5a4295b5a3d7366b292a2563cad9574985 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

5aa0d47dea...85.exe

windows7-x64

5aa0d47dea...85.exe

windows10-2004-x64

Sharing

General

Target

5aa0d47dea576a9fe8dccada94d0fd5a4295b5a3d7366b292a2563cad9574985
Size

354KB
Sample

250124-nwezjsyjdq
MD5

2fc2bdf5e1898de95a908558a8d96f7a
SHA1

42383004c5b46c8a4fd52086708c9dc98d8d5470
SHA256

5aa0d47dea576a9fe8dccada94d0fd5a4295b5a3d7366b292a2563cad9574985
SHA512

952be820c215e38de84462a787eb9bf0fcbea3dff0e9c7e29b0faa1b8b7afa89834390ed4c326f13f158e1e03491c4136cfa7f5efb25dadb528021bd82b39c85
SSDEEP

3072:HEGulMVfMFLU3MuRxNUFtLiWLLZ7HoFN6WtljaJuloHs+lP:+BlUcsxNMtLLlHoFN6WtljaJul+pJ

Score

10^/10

chinese_generic_botnet botnet discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5aa0d47dea576a9fe8dccada94d0fd5a4295b5a3d7366b292a2563cad9574985.exe

Resource

win7-20240903-en

chinese_generic_botnet botnet discovery persistence

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

5aa0d47dea576a9fe8dccada94d0fd5a4295b5a3d7366b292a2563cad9574985.exe

Resource

win10v2004-20241007-en

chinese_generic_botnet botnet discovery persistence

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  5aa0d47dea576a9fe8dccada94d0fd5a4295b5a3d7366b292a2563cad9574985
- Size
  
  354KB
- MD5
  
  2fc2bdf5e1898de95a908558a8d96f7a
- SHA1
  
  42383004c5b46c8a4fd52086708c9dc98d8d5470
- SHA256
  
  5aa0d47dea576a9fe8dccada94d0fd5a4295b5a3d7366b292a2563cad9574985
- SHA512
  
  952be820c215e38de84462a787eb9bf0fcbea3dff0e9c7e29b0faa1b8b7afa89834390ed4c326f13f158e1e03491c4136cfa7f5efb25dadb528021bd82b39c85
- SSDEEP
  
  3072:HEGulMVfMFLU3MuRxNUFtLiWLLZ7HoFN6WtljaJuloHs+lP:+BlUcsxNMtLLlHoFN6WtljaJul+pJ
Score

10^/10

chinese_generic_botnet botnet discovery persistence
- Chinese_generic_botnet family
  chinese_generic_botnet
- Generic Chinese Botnet
  A botnet originating from China which is currently unnamed publicly.
  botnet chinese_generic_botnet
- Chinese Botnet payload
  botnet
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

chinese_generic_botnetbotnetdiscoverypersistence

behavioral2

chinese_generic_botnetbotnetdiscoverypersistence

© 2018-2025

Terms | Privacy