General
-
Target
KART_for_Business_4.0.0.861.0.9335546.0_en-US.exe
-
Size
92.4MB
-
Sample
220527-fj9z6aghc7
-
MD5
12884cdfb4244da6b16fc073f5709d79
-
SHA1
c79914e38f4058db222be6e44aa714f0db6d0cbe
-
SHA256
f8ca32ecae030675512b8896aa28b2a5b8fa6605285278105315beb8f331e7ce
-
SHA512
7dc0ce86adfa69b0299ab919d084aa3a9a4905dc7d7b6ff3477329cc46b7a7fddd811e206a41046014bf71c61a94e772bb29f782cd497eb54f6fae74ba1ecd09
Malware Config
Targets
-
-
Target
KART_for_Business_4.0.0.861.0.9335546.0_en-US.exe
-
Size
92.4MB
-
MD5
12884cdfb4244da6b16fc073f5709d79
-
SHA1
c79914e38f4058db222be6e44aa714f0db6d0cbe
-
SHA256
f8ca32ecae030675512b8896aa28b2a5b8fa6605285278105315beb8f331e7ce
-
SHA512
7dc0ce86adfa69b0299ab919d084aa3a9a4905dc7d7b6ff3477329cc46b7a7fddd811e206a41046014bf71c61a94e772bb29f782cd497eb54f6fae74ba1ecd09
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-