General
-
Target
503d1d7af2c9ffa6d7d12e67e6be98c5b004cdd0192784a2eb26c667111e43e9
-
Size
6.4MB
-
Sample
220520-wfzysaebdq
-
MD5
9703cd46017b9e58d149b310a9769bf4
-
SHA1
111899150647f348b710d3afba7b401a26a32005
-
SHA256
503d1d7af2c9ffa6d7d12e67e6be98c5b004cdd0192784a2eb26c667111e43e9
-
SHA512
b3c70f08bce0b7cce6c198d630cd8a13ffc256c9e12456e9306594da7a4805ccc456a1d859c9daaea7de0f63fe35d297cb5d326e482af483cbcf4de8e67352f1
Static task
static1
Behavioral task
behavioral1
Sample
503d1d7af2c9ffa6d7d12e67e6be98c5b004cdd0192784a2eb26c667111e43e9.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
503d1d7af2c9ffa6d7d12e67e6be98c5b004cdd0192784a2eb26c667111e43e9.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
503d1d7af2c9ffa6d7d12e67e6be98c5b004cdd0192784a2eb26c667111e43e9
Score
9/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-