Description
BIOS information is often read in order to detect sandboxing environments.
43da221f252d3e0e7c06aa2f21854fed1f01344f81be704e4f0b648f6085527d
General
Target
Size
Sample
43da221f252d3e0e7c06aa2f21854fed1f01344f81be704e4f0b648f6085527d
2MB
220520-2x541sbbeq
Score
8 /10
MD5
SHA1
SHA256
SHA512
35da338f4f436aea22b6eb70a1a4f4da
7a680d40094954c586afbbc091157023913cee25
43da221f252d3e0e7c06aa2f21854fed1f01344f81be704e4f0b648f6085527d
d9094284f53b5e940c05604588ab5963712c844a8a7213d3948373a3efeb5187b4193c25957517ffe95724263f914b3993681383d9489da071187102bbb01e53
Malware Config
Targets
Target
MD5
Filesize
43da221f252d3e0e7c06aa2f21854fed1f01344f81be704e4f0b648f6085527d
35da338f4f436aea22b6eb70a1a4f4da
2MB
Score
8/10
SHA1
SHA256
SHA512
7a680d40094954c586afbbc091157023913cee25
43da221f252d3e0e7c06aa2f21854fed1f01344f81be704e4f0b648f6085527d
d9094284f53b5e940c05604588ab5963712c844a8a7213d3948373a3efeb5187b4193c25957517ffe95724263f914b3993681383d9489da071187102bbb01e53
Tags
Signatures
-
Executes dropped EXE
-
Checks BIOS information in registry
-
Checks computer location settings
Description
Looks up country code configured in the registry, likely geofence.
TTPs
-
Loads dropped DLL
-
Adds Run key to start application
Tags
TTPs
-
Checks whether UAC is enabled
Tags
TTPs
-
Writes to the Master Boot Record (MBR)
Description
Bootkits write to the MBR to gain persistence at a level below the operating system.
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks