General
-
Target
97c1eef63efb95640173d226e1eda61ce7dba9bb3cef9836716e197066f90dad
-
Size
3.1MB
-
Sample
220524-a3hgcsdhbj
-
MD5
94793104185332ba780f167310695620
-
SHA1
a1623e5640c786d893f280a3c3ab062676be9368
-
SHA256
97c1eef63efb95640173d226e1eda61ce7dba9bb3cef9836716e197066f90dad
-
SHA512
3573bc02a47df770eaba801e0a2e2ca227bbef432f9b26bf03ce91384daa546b225ef209d4f9c1d540d31098e96fca87509166285272b1b034ec7d809d6cd247
Static task
static1
Behavioral task
behavioral1
Sample
97c1eef63efb95640173d226e1eda61ce7dba9bb3cef9836716e197066f90dad.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
97c1eef63efb95640173d226e1eda61ce7dba9bb3cef9836716e197066f90dad.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
97c1eef63efb95640173d226e1eda61ce7dba9bb3cef9836716e197066f90dad
-
Size
3.1MB
-
MD5
94793104185332ba780f167310695620
-
SHA1
a1623e5640c786d893f280a3c3ab062676be9368
-
SHA256
97c1eef63efb95640173d226e1eda61ce7dba9bb3cef9836716e197066f90dad
-
SHA512
3573bc02a47df770eaba801e0a2e2ca227bbef432f9b26bf03ce91384daa546b225ef209d4f9c1d540d31098e96fca87509166285272b1b034ec7d809d6cd247
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-