General
-
Target
b1637f5279b2f5047ed81d5af27ba280cbeffe351e0818689b824ebea3c6119a
-
Size
11.1MB
-
Sample
210509-aa686nz89x
-
MD5
5fabfcfdd5b433c8bc1d5fa82ba9c7d1
-
SHA1
6ecfc1bb1278f642893085b6f6d3f480d3ccbc68
-
SHA256
b1637f5279b2f5047ed81d5af27ba280cbeffe351e0818689b824ebea3c6119a
-
SHA512
bb4318e4f7b2e8f3b9b388e97abceee30cfa7f47477d1416c7af561a2637a7c77e4ddee628aca616e986f0741bace86c1791198345b6f4123646b725632663d3
Static task
static1
Behavioral task
behavioral1
Sample
b1637f5279b2f5047ed81d5af27ba280cbeffe351e0818689b824ebea3c6119a.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
b1637f5279b2f5047ed81d5af27ba280cbeffe351e0818689b824ebea3c6119a.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
b1637f5279b2f5047ed81d5af27ba280cbeffe351e0818689b824ebea3c6119a
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-