General
-
Target
cfee2d1e4e8cac29ba1304e2c6639b7bdf8dc5a111f5a6cfc94981c89060d367
-
Size
1.7MB
-
Sample
220520-rq9hragcb5
-
MD5
fde7ae84cb218ddabbfbbffeac0cce14
-
SHA1
251f033a47407fac551802866b8a2c829ed7b9c1
-
SHA256
cfee2d1e4e8cac29ba1304e2c6639b7bdf8dc5a111f5a6cfc94981c89060d367
-
SHA512
64fbd447595176955733a740df01deb45898123c50524146b869793bb358f17eeaba43d2182f5c16fb6cdd2e2848f30b8883ff7fda4348d047d5e8e0f3cdc730
Static task
static1
Behavioral task
behavioral1
Sample
cfee2d1e4e8cac29ba1304e2c6639b7bdf8dc5a111f5a6cfc94981c89060d367.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
cfee2d1e4e8cac29ba1304e2c6639b7bdf8dc5a111f5a6cfc94981c89060d367.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
cfee2d1e4e8cac29ba1304e2c6639b7bdf8dc5a111f5a6cfc94981c89060d367
-
Score
9/10
-
Looks for VirtualBox Guest Additions in registry
-
Executes dropped EXE
-
Looks for VMWare Tools registry key
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-