General
-
Target
ca6de5ed4051ec20b8612d30b3962397fa0b6e209a2d223cef37708150e48df4
-
Size
904KB
-
Sample
220520-ndn5hadgfn
-
MD5
174dd7939ab780f7cf8118f9a8967afe
-
SHA1
4fb8476faa85c3ba287c170ebd749331488be2f1
-
SHA256
ca6de5ed4051ec20b8612d30b3962397fa0b6e209a2d223cef37708150e48df4
-
SHA512
918b267890e2befea1abc78643338acd9edbf0c40bc3edcba293278425c41cf3f80eaa4c507bf7802b3c69afa64e9e411842bf9848877a235d2b70fb3e1f4958
Static task
static1
Behavioral task
behavioral1
Sample
ca6de5ed4051ec20b8612d30b3962397fa0b6e209a2d223cef37708150e48df4.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
ca6de5ed4051ec20b8612d30b3962397fa0b6e209a2d223cef37708150e48df4.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
ca6de5ed4051ec20b8612d30b3962397fa0b6e209a2d223cef37708150e48df4
-
Size
904KB
-
MD5
174dd7939ab780f7cf8118f9a8967afe
-
SHA1
4fb8476faa85c3ba287c170ebd749331488be2f1
-
SHA256
ca6de5ed4051ec20b8612d30b3962397fa0b6e209a2d223cef37708150e48df4
-
SHA512
918b267890e2befea1abc78643338acd9edbf0c40bc3edcba293278425c41cf3f80eaa4c507bf7802b3c69afa64e9e411842bf9848877a235d2b70fb3e1f4958
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-