General
-
Target
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
-
Size
3.1MB
-
Sample
220520-fd3nwsddak
-
MD5
8f624f06bacd6651334446e80ff16972
-
SHA1
0494097ab18dc74945acdbca430c91d4d1a3e3b4
-
SHA256
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
-
SHA512
df64645de7143ae36ccee595365dd9e5f8a14cba463451b8fb0a1385b7262d43e11e6e39d915946443ee74bc7bc6d7de9e92b2e2db65e1142b33983ca46105f8
Static task
static1
Behavioral task
behavioral1
Sample
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
-
Size
3.1MB
-
MD5
8f624f06bacd6651334446e80ff16972
-
SHA1
0494097ab18dc74945acdbca430c91d4d1a3e3b4
-
SHA256
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
-
SHA512
df64645de7143ae36ccee595365dd9e5f8a14cba463451b8fb0a1385b7262d43e11e6e39d915946443ee74bc7bc6d7de9e92b2e2db65e1142b33983ca46105f8
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-