General
-
Target
9c22f3a6eebaeefbca837db841da8b22a6220881aa0896a8d9a9c84ab10e4c3c
-
Size
1.4MB
-
Sample
220521-wz8d9safd5
-
MD5
ae2b4316622770a885d6b35bc868a630
-
SHA1
aee31066081ae58b3b335490e87be87b1a40be07
-
SHA256
9c22f3a6eebaeefbca837db841da8b22a6220881aa0896a8d9a9c84ab10e4c3c
-
SHA512
2e28696fd1c449c074701b1484e077b62d3c20242901ba144186b423eabce0d162da5ba787fb7ffa2874edd77295ca1e3267d807d08dcc66477e9031d5ea6d10
Static task
static1
Behavioral task
behavioral1
Sample
9c22f3a6eebaeefbca837db841da8b22a6220881aa0896a8d9a9c84ab10e4c3c.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
9c22f3a6eebaeefbca837db841da8b22a6220881aa0896a8d9a9c84ab10e4c3c.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Score
8/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-