General
-
Target
5c61d4279a66920cdbb4aea1b9bc84f34f563eb63de7ce57296784e4304a7e65
-
Size
642KB
-
Sample
220520-e46msscgfq
-
MD5
3ba57c30e9d76e7a0e16343d6ca9e4d1
-
SHA1
97fe51a2fd27183b20dfaeba8db5f2738a1eda27
-
SHA256
5c61d4279a66920cdbb4aea1b9bc84f34f563eb63de7ce57296784e4304a7e65
-
SHA512
5d356c8399364604c71d6f7b49f34af35bec09802a4f10953ffaaa32db85dd4f0caaed5c96418dc1fec9d4dfc45f96fbec327e22b9e77c4b2d287cc4e5922508
Malware Config
Targets
-
-
Target
5c61d4279a66920cdbb4aea1b9bc84f34f563eb63de7ce57296784e4304a7e65
-
Size
642KB
-
MD5
3ba57c30e9d76e7a0e16343d6ca9e4d1
-
SHA1
97fe51a2fd27183b20dfaeba8db5f2738a1eda27
-
SHA256
5c61d4279a66920cdbb4aea1b9bc84f34f563eb63de7ce57296784e4304a7e65
-
SHA512
5d356c8399364604c71d6f7b49f34af35bec09802a4f10953ffaaa32db85dd4f0caaed5c96418dc1fec9d4dfc45f96fbec327e22b9e77c4b2d287cc4e5922508
Score8/10-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-