General

  • Target

    9dbbb0e20e977f1bb9a9ef97dd0f38c38627c5162d36926ea8e9e017e4bbe9ba

  • Size

    685KB

  • Sample

    221002-zxaa8safg4

  • MD5

    705edd92a42b962d11050726377dfd20

  • SHA1

    e16b7eed517981982f86523cda7c60201eb0bf54

  • SHA256

    9dbbb0e20e977f1bb9a9ef97dd0f38c38627c5162d36926ea8e9e017e4bbe9ba

  • SHA512

    1e34446f8b52d72b6b2f2667838b2912a2e80e1ef53994b1b4b50ce0cfdeb238ee5ca268acba9f14959d66b87e811553c0b51c6a7c2f508e3398d111fe6f4efd

  • SSDEEP

    12288:3mEBTASggJMutz4hDhFEouFeED0NO3yEU8m/udmipauZZZZ37nvEo8uICH8WQpXm:5BTNJMuJ0NovlbSWcXPQg/ooo3/VMI1h

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix ATT&CK v6

Persistence

  • Bootkit (1) T1067

Defense Evasion

  • Install Root Certificate (1) T1130

  • Modify Registry (1) T1112

Discovery

  • Query Registry (1) T1012

  • System Information Discovery (2) T1082
