General

Target: 5c61d4279a66920cdbb4aea1b9bc84f34f563eb63de7ce57296784e4304a7e65
Size: 642KB
Sample: 220520-e46msscgfq
Score: 8/10
MD5: 3ba57c30e9d76e7a0e16343d6ca9e4d1
SHA1: 97fe51a2fd27183b20dfaeba8db5f2738a1eda27
SHA256: 5c61d4279a66920cdbb4aea1b9bc84f34f563eb63de7ce57296784e4304a7e65
SHA512: 5d356c8399364604c71d6f7b49f34af35bec09802a4f10953ffaaa32db85dd4f0caaed5c96418dc1fec9d4dfc45f96fbec327e22b9e77c4b2d287cc4e5922508

Signatures

  • Disables Task Manager via registry modification

  • Checks computer location settings

    Description: Looks up the country code configured in the registry, likely used as a geofence.

    TTPs: Query Registry; System Information Discovery

  • Writes to the Master Boot Record (MBR)

    Description: Bootkits write to the MBR to gain persistence at a level below the operating system.

    TTPs: Bootkit
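
The two registry-based signatures above (the location check and the Task Manager kill switch) are easy to reproduce from an API trace. The following is an added example, not part of the report and not the sandbox's own detection logic: it scans a constructed, sandbox-style trace of Windows registry calls and flags a RegQueryValueEx of the Nation value under Control Panel\International\Geo (the key where Windows keeps the configured GeoID) and a RegSetValueEx of DisableTaskMgr to 1 under Software\Microsoft\Windows\CurrentVersion\Policies\System. The trace line format, the rule structure and the ATT&CK label attached to the Task Manager rule are this example's own assumptions; the key paths are the standard Windows locations. Keys are matched by suffix so that the same rule fires whether the trace shows HKCU or a per-user HKU\S-1-5-21-... path.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sandbox API trace (not from the report), one registry call per line.
# Python string escapes turn each "\\" into a single backslash in the key paths.
SAMPLE_TRACE = """\
RegOpenKeyExW(HKEY_CURRENT_USER, "Control Panel\\International\\Geo")
RegQueryValueExW(HKEY_CURRENT_USER\\Control Panel\\International\\Geo, "Nation")
RegQueryValueExW(HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion, "ProductName")
RegCreateKeyExW(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System")
RegSetValueExW(HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System, "DisableTaskMgr", REG_DWORD, 0x00000001)
"""

# Only value reads and writes matter for these two signatures; the optional tail
# (type, data) is present for RegSetValueEx calls in the assumed trace format.
VALUE_CALL_RE = re.compile(
    r'^(?P<api>RegQueryValueEx|RegSetValueEx)[AW]?\('
    r'(?P<key>[^,]+),\s*"(?P<value>[^"]*)"'
    r'(?:,\s*(?P<type>REG_\w+),\s*(?P<data>[^)]*))?\)\s*$'
)

HIVE_ALIASES = {"HKCU": "HKEY_CURRENT_USER", "HKLM": "HKEY_LOCAL_MACHINE", "HKU": "HKEY_USERS"}


@dataclass(frozen=True)
class Rule:
    signature: str
    ttps: Tuple[str, ...]
    api: str                    # "RegQueryValueEx" or "RegSetValueEx"
    key_suffix: str             # compared case-insensitively against the end of the key path
    value: str
    data: Optional[int] = None  # for RegSetValueEx: required DWORD data, None means any


RULES = [
    Rule("Checks computer location settings",
         ("Query Registry", "System Information Discovery"),
         "RegQueryValueEx", r"\Control Panel\International\Geo", "Nation"),
    Rule("Disables Task Manager via registry modification",
         ("Modify Registry",),  # ATT&CK label chosen for this example; the report lists none
         "RegSetValueEx", r"\Software\Microsoft\Windows\CurrentVersion\Policies\System",
         "DisableTaskMgr", data=1),
]


def normalize_key(key: str) -> str:
    """Expand hive abbreviations and lower-case the path so suffix matching is uniform."""
    key = key.strip().strip('"').rstrip("\\")
    hive, sep, rest = key.partition("\\")
    hive = HIVE_ALIASES.get(hive.upper(), hive.upper())
    return (hive + sep + rest).lower()


def parse_dword(text: Optional[str]) -> Optional[int]:
    """Accept decimal or 0x-prefixed hex as logged; anything else is treated as unknown."""
    if text is None:
        return None
    try:
        return int(text.strip(), 0)
    except ValueError:
        return None


def scan_trace(trace: str) -> List[dict]:
    """Return one hit per (line, rule) where a registry call matches a rule."""
    hits = []
    for lineno, line in enumerate(trace.splitlines(), 1):
        m = VALUE_CALL_RE.match(line.strip())
        if not m:
            continue
        key, value, data = normalize_key(m["key"]), m["value"], parse_dword(m["data"])
        for rule in RULES:
            if m["api"] != rule.api or not key.endswith(rule.key_suffix.lower()):
                continue
            if value.lower() != rule.value.lower():
                continue
            if rule.data is not None and data != rule.data:
                continue  # e.g. DisableTaskMgr set back to 0 is not the signature
            hits.append({"signature": rule.signature, "ttps": rule.ttps,
                         "line": lineno, "call": line.strip()})
    return hits


if __name__ == "__main__":
    for hit in scan_trace(SAMPLE_TRACE):
        print(f"line {hit['line']}: {hit['signature']} [{', '.join(hit['ttps'])}]")
```

The data check on the Task Manager rule is deliberate: a sample that writes DisableTaskMgr=0 is restoring the default, not disabling anything, so it should not trip the signature.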

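For the MBR signature, the question a responder asks is what exactly changed in sector 0. As an added example (not from the report), the code below parses a raw 512-byte MBR into its parts (440 bytes of bootstrap code, the 4-byte disk signature, four 16-byte partition entries, the 0x55AA boot signature) and diffs a pre-detonation copy against a post-detonation copy. Both sectors are constructed inline so the example runs offline. A bootkit normally rewrites the bootstrap code while leaving the partition table intact so the machine still boots, and that is the pattern the comparison separates from a damaged or repartitioned disk.

```python
import hashlib
import struct
from typing import Dict, List

SECTOR_SIZE = 512
BOOTSTRAP_LEN = 440          # classic MBR: code region before the disk signature
PART_TABLE_OFF = 446         # 440 code + 4 disk signature + 2 reserved
PART_ENTRY_LEN = 16
BOOT_SIGNATURE = b"\x55\xaa"


def build_mbr(bootstrap: bytes, disk_sig: int, partitions) -> bytes:
    """Assemble a 512-byte MBR from its parts (used here only to construct test sectors)."""
    code = bootstrap.ljust(BOOTSTRAP_LEN, b"\x00")[:BOOTSTRAP_LEN]
    table = b"".join(
        # status, CHS start (unused here), type, CHS end (unused), LBA start, sector count
        struct.pack("<B3sB3sII", status, bytes(3), ptype, bytes(3), lba_start, count)
        for status, ptype, lba_start, count in partitions
    ).ljust(4 * PART_ENTRY_LEN, b"\x00")
    return code + struct.pack("<IH", disk_sig, 0) + table + BOOT_SIGNATURE


def parse_mbr(sector: bytes) -> Dict:
    """Decode the fields a triage would compare; the bootstrap code is summarised by hash."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    (disk_sig,) = struct.unpack_from("<I", sector, BOOTSTRAP_LEN)
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + i * PART_ENTRY_LEN
        status, _chs0, ptype, _chs1, lba, count = struct.unpack_from("<B3sB3sII", sector, off)
        if ptype != 0:  # type 0 marks an unused slot
            parts.append({"index": i, "bootable": bool(status & 0x80),
                          "type": ptype, "lba_start": lba, "sectors": count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "disk_signature": disk_sig,
        "bootstrap_sha256": hashlib.sha256(sector[:BOOTSTRAP_LEN]).hexdigest(),
        "partitions": parts,
    }


def compare_mbr(baseline: bytes, current: bytes) -> List[str]:
    """Report which regions differ between a known-good MBR and one read back later."""
    base, cur = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 0x55AA missing: sector is no longer a valid MBR")
    if base["bootstrap_sha256"] != cur["bootstrap_sha256"]:
        findings.append("bootstrap code region (bytes 0-439) rewritten")
    if base["disk_signature"] != cur["disk_signature"]:
        findings.append("disk signature changed")
    if base["partitions"] != cur["partitions"]:
        findings.append("partition table changed")
    return findings


# Constructed sectors (not the report's sample): a clean MBR with a short stub of
# bootstrap code and one bootable NTFS (type 0x07) partition, and a copy whose
# bootstrap has been replaced while the partition table is left untouched.
CLEAN_MBR = build_mbr(b"\x33\xc0\x8e\xd0\xbc\x00\x7c", 0x1234ABCD, [(0x80, 0x07, 2048, 204800)])
TAMPERED_MBR = build_mbr(b"\xeb\x63\x90" + b"\x90" * 400, 0x1234ABCD, [(0x80, 0x07, 2048, 204800)])

if __name__ == "__main__":
    for finding in compare_mbr(CLEAN_MBR, TAMPERED_MBR):
        print(finding)
```

To run this against a real machine, read the first 512 bytes of the raw device (on Windows `\\.\PhysicalDrive0`, opened as Administrator; on Linux `/dev/sda`) before and after detonation and pass the two buffers to compare_mbr. The baseline hash of the bootstrap region is also worth recording on its own, since a changed hash with an unchanged partition table is exactly the footprint the "Writes to the Master Boot Record" signature describes.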
Tasks

static1: Score N/A
behavioral1: Score 8/10
behavioral2: Score 8/10