General
-
Target
64d348b4daa9e7e8e5f5496acef75f99069269ae3a03519c694ed587d8e9aea1
-
Size
275KB
-
Sample
221003-n1ketsedb2
-
MD5
68a74c863a5cf8708099b7beb28d776f
-
SHA1
efd2da2a689aabf10caddf695f583d7e2df86747
-
SHA256
64d348b4daa9e7e8e5f5496acef75f99069269ae3a03519c694ed587d8e9aea1
-
SHA512
e5015763e6afd8292789d42f9a6ff0c1696b2f86db7459e329ccb53ba037465b6ab01d68482534b0e3b29c99b241e68441cdfd37c74dd782074d4dbfb8f4598c
-
SSDEEP
6144:QBKHYmz6mq2pmHmFV2YjnWuwqzeRhvazHYvwtm:n4m5bpnL2KnEqCRhvaDe
Behavioral task
behavioral1
Sample
64d348b4daa9e7e8e5f5496acef75f99069269ae3a03519c694ed587d8e9aea1.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
64d348b4daa9e7e8e5f5496acef75f99069269ae3a03519c694ed587d8e9aea1.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
64d348b4daa9e7e8e5f5496acef75f99069269ae3a03519c694ed587d8e9aea1
Score
9/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-