General
-
Target
31302655af916d773479844df1a3565aeb86de8ef1f23310e888bd436a16bba4
-
Size
534KB
-
Sample
220524-sa3wpsahak
-
MD5
9873d96e49ac54a35710a82cda6d002a
-
SHA1
0f8f5675ffbbc73489dcda0580455557f6d12dc7
-
SHA256
31302655af916d773479844df1a3565aeb86de8ef1f23310e888bd436a16bba4
-
SHA512
bdca9a62d296a41c85bef949d293cb4f597a64699e9c12869f6c25116e8330d7b2313578d27e763aafaff86f32cdba8a6c6428665dec778209bc5017fc6ace97
Static task
static1
Behavioral task
behavioral1
Sample
31302655af916d773479844df1a3565aeb86de8ef1f23310e888bd436a16bba4.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
31302655af916d773479844df1a3565aeb86de8ef1f23310e888bd436a16bba4.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
31302655af916d773479844df1a3565aeb86de8ef1f23310e888bd436a16bba4
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-