Description
Looks up country code configured in the registry, likely geofence.
General
Target
Size
Sample
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
3MB
220520-fd3nwsddak
Score
8/10
MD5
SHA1
SHA256
SHA512
8f624f06bacd6651334446e80ff16972
0494097ab18dc74945acdbca430c91d4d1a3e3b4
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
df64645de7143ae36ccee595365dd9e5f8a14cba463451b8fb0a1385b7262d43e11e6e39d915946443ee74bc7bc6d7de9e92b2e2db65e1142b33983ca46105f8
Malware Config
Targets
Target
MD5
Filesize
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
8f624f06bacd6651334446e80ff16972
3MB
Score
8/10
SHA1
SHA256
SHA512
0494097ab18dc74945acdbca430c91d4d1a3e3b4
05c7101db899b4a4d29f3009878124f8bbce6d0df49e9dba9b381c44e2357d3c
df64645de7143ae36ccee595365dd9e5f8a14cba463451b8fb0a1385b7262d43e11e6e39d915946443ee74bc7bc6d7de9e92b2e2db65e1142b33983ca46105f8
Tags
Signatures
-
Executes dropped EXE
-
Checks computer location settings
-
Loads dropped DLL
-
Adds Run key to start application
Tags
TTPs
-
Checks installed software on the system
Description
Looks up Uninstall key entries in the registry to enumerate software on the system.
Tags
TTPs
-
Checks whether UAC is enabled
Tags
TTPs
-
Writes to the Master Boot Record (MBR)
Description
Bootkits write to the MBR to gain persistence at a level below the operating system.
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks
static1
Score
1/10
behavioral1
Score
8/10
behavioral2
Score
8/10