General
-
Target
d62ca45f62b38f4008e3cb25f3e2e10fe694973a8ae3f27accd117477ee3447b
-
Size
275KB
-
Sample
221003-nz75haeddk
-
MD5
4323d6ec3ce0c8562144888025463d02
-
SHA1
136e779c7bfac4f38e4ffa0601315c378a4aecb7
-
SHA256
d62ca45f62b38f4008e3cb25f3e2e10fe694973a8ae3f27accd117477ee3447b
-
SHA512
9761edefefc53362cb6ab37dc2dd0db1e30b75f6c8ce13bfa8eb024d8e7e49644d14f5acffa9ddeee60124337f130427e0f5f4a1d6f072fc80a000299272d1fd
-
SSDEEP
6144:bBKHYmz6mq2pmHmFV2YjnWuwqzeRhvagc+ZtBSUwvECu:c4m5bpnL2KnEqCRhva5+ZtBSUcE/
Malware Config
Targets
-
-
Target
d62ca45f62b38f4008e3cb25f3e2e10fe694973a8ae3f27accd117477ee3447b
-
Size
275KB
-
MD5
4323d6ec3ce0c8562144888025463d02
-
SHA1
136e779c7bfac4f38e4ffa0601315c378a4aecb7
-
SHA256
d62ca45f62b38f4008e3cb25f3e2e10fe694973a8ae3f27accd117477ee3447b
-
SHA512
9761edefefc53362cb6ab37dc2dd0db1e30b75f6c8ce13bfa8eb024d8e7e49644d14f5acffa9ddeee60124337f130427e0f5f4a1d6f072fc80a000299272d1fd
-
SSDEEP
6144:bBKHYmz6mq2pmHmFV2YjnWuwqzeRhvagc+ZtBSUwvECu:c4m5bpnL2KnEqCRhva5+ZtBSUcE/
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-