General
-
Target
6bb280da2290da9129d2f0398728fb43110a1399614b473b14b990f98373323b
-
Size
258KB
-
Sample
221003-n4k6jaeeb9
-
MD5
049d9d8e49cebecbd4544ca68e6a7705
-
SHA1
f6bf531954b3423310c924b962cf7a5c7fa7dd87
-
SHA256
6bb280da2290da9129d2f0398728fb43110a1399614b473b14b990f98373323b
-
SHA512
350036e50b9c7ad8e0dd46dbd57cf67781ecd7e242dd495480f2b9df38284a9f0a250aa88139a8f7a948f90e28166485688cdeee0ff8308e12de7c63dcf247fd
-
SSDEEP
6144:2bNz4Vw9xjMWn0lEsr6BRZ52fv6Y+oNUmlN:4aw9xjMBhrUZ2fhrUmlN
Static task
static1
Behavioral task
behavioral1
Sample
6bb280da2290da9129d2f0398728fb43110a1399614b473b14b990f98373323b.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
6bb280da2290da9129d2f0398728fb43110a1399614b473b14b990f98373323b.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
6bb280da2290da9129d2f0398728fb43110a1399614b473b14b990f98373323b
-
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-