General
Target: 888e0940fba3c3c8a3d85d1b9bc21583ee01d8b2879d88b2a5596a22f4c20704
Size: 1.5MB
Sample: 220521-awxmpsdhcq
MD5: d06994d9a3382a107e18b6d3e7ec9e5a
SHA1: d3d8485f3b38c1f4618268aafe536ec55f973b1e
SHA256: 888e0940fba3c3c8a3d85d1b9bc21583ee01d8b2879d88b2a5596a22f4c20704
SHA512: e6895e662bd51754783dd37dcd02524b1b603392953bfde984e86ee8e8a731f7940de6d7746616751d3595c854a9c53d60ffe784acf48764624074c6c1b0703a
Static task: static1
Behavioral task: behavioral1
Sample: 888e0940fba3c3c8a3d85d1b9bc21583ee01d8b2879d88b2a5596a22f4c20704.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 888e0940fba3c3c8a3d85d1b9bc21583ee01d8b2879d88b2a5596a22f4c20704.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 888e0940fba3c3c8a3d85d1b9bc21583ee01d8b2879d88b2a5596a22f4c20704
Score: 8/10
Downloads MZ/PE file

Executes dropped EXE

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.