General

  • Target

    8d8478081d8f0b2173d1af6564b7e469a6528babda0761e282e0a5f9715d7217

  • Size

    314KB

  • Sample

    221003-jnge7adgh3

  • MD5

    201c52f6219061d02e59bb11988e2950

  • SHA1

    f6825d6dcd8dfbbac5ca186818b15d4fcb18d77f

  • SHA256

    8d8478081d8f0b2173d1af6564b7e469a6528babda0761e282e0a5f9715d7217

  • SHA512

    02f6b69c6aef542e7facb67cc2a99fdb7f69d57209e215b41770faa6a46bc7ae1020872d8aad8659ceac1525c7e7dc542be5320d0aa8d249881f9a2e6b79c66e

  • SSDEEP

    6144:Eyyzjg3u0rMoSc97kro4DtNxOaK9dAOBhmNnMOD:EyyQ3u0rMclZ0nME

Score
8/10

Malware Config

Targets

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic           Technique                            ID     Count
  Persistence      Registry Run Keys / Startup Folder   T1060  2
  Persistence      Bootkit                              T1067  1
  Defense Evasion  Modify Registry                      T1112  2
  Discovery        Query Registry                       T1012  1
  Discovery        System Information Discovery         T1082  2