General
-
Target
d58482d9af4f9b69008295ba2684f0b249a699162e44319a74cab4cba3a77266
-
Size
3.3MB
-
Sample
220525-bfy19shecl
-
MD5
29ec167f930bbf8256a66463872ff525
-
SHA1
4acb67568804342520d71aed66d3d4fc0feac49e
-
SHA256
d58482d9af4f9b69008295ba2684f0b249a699162e44319a74cab4cba3a77266
-
SHA512
63c1418dd42618f84d68c3fb74356f97f94b1734ee4e28df63dae1632b8a16eef120017070e824ff496aca11ebade6636f6fa7ef52481a3fba258d9005a3886b
Static task
static1
Behavioral task
behavioral1
Sample
d58482d9af4f9b69008295ba2684f0b249a699162e44319a74cab4cba3a77266.exe
Resource
win7-20220414-en
Malware Config
Targets
-
Executes dropped EXE
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Modifies file permissions
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-