General
-
Target
00ddba492ec2ac7df8bce0acd0b784a4d1be76bdd3b62aea792b0df95b102855
-
Size
573KB
-
Sample
220524-eq3zrafcg7
-
MD5
156603f5047a0b18d8b8762fb98b16b0
-
SHA1
5ab23ca80741d0afb620a9947d73f313c9254736
-
SHA256
00ddba492ec2ac7df8bce0acd0b784a4d1be76bdd3b62aea792b0df95b102855
-
SHA512
1e4ddeaf82a9ccb6455c5b84fc4b82f67562e5fc7029e40e89ff5ea993b7a03b69492a8be95e4a2c92bde83db931d2bb2af480491a549b4484b387e3444195dd
Static task
static1
Behavioral task
behavioral1
Sample
00ddba492ec2ac7df8bce0acd0b784a4d1be76bdd3b62aea792b0df95b102855.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
00ddba492ec2ac7df8bce0acd0b784a4d1be76bdd3b62aea792b0df95b102855.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
00ddba492ec2ac7df8bce0acd0b784a4d1be76bdd3b62aea792b0df95b102855
-
Size
573KB
-
MD5
156603f5047a0b18d8b8762fb98b16b0
-
SHA1
5ab23ca80741d0afb620a9947d73f313c9254736
-
SHA256
00ddba492ec2ac7df8bce0acd0b784a4d1be76bdd3b62aea792b0df95b102855
-
SHA512
1e4ddeaf82a9ccb6455c5b84fc4b82f67562e5fc7029e40e89ff5ea993b7a03b69492a8be95e4a2c92bde83db931d2bb2af480491a549b4484b387e3444195dd
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-