General
Target: bd5dd47e1056cbe504ce3aaeb70ff53e9ddfd78cc5fd391a7ea08f4092e86a4d
Size: 1.5MB
Sample: 220524-s3edtabhdn
MD5: 17d6b15ea5cb03db002d2257a2aae99a
SHA1: 18a259e6f2ef8ea0da6da08addd54f04a7cd18fb
SHA256: bd5dd47e1056cbe504ce3aaeb70ff53e9ddfd78cc5fd391a7ea08f4092e86a4d
SHA512: 5925e0842b68263ed5df75205ee69faa545c5d8acc4e56d40dd29d0bd2abfe0667220da533ace288e502de9372680726aef90db29efe40ba4a520b1d357cbbce
Static task: static1

Behavioral task: behavioral1
Sample: bd5dd47e1056cbe504ce3aaeb70ff53e9ddfd78cc5fd391a7ea08f4092e86a4d.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: bd5dd47e1056cbe504ce3aaeb70ff53e9ddfd78cc5fd391a7ea08f4092e86a4d.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: bd5dd47e1056cbe504ce3aaeb70ff53e9ddfd78cc5fd391a7ea08f4092e86a4d
Score: 8/10
Downloads MZ/PE file

Executes dropped EXE

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.