General
-
Target
dc8abab8b4ac78e63c9412d44f02f3dfbe055d4de4d2e2060451a649125673ba
-
Size
275KB
-
Sample
221123-zjr9wsga91
-
MD5
5555f3e8200401987138db18aee5e61e
-
SHA1
b5cfd44d1bcd437aa7dd0fc75cda1b5eadd19e46
-
SHA256
dc8abab8b4ac78e63c9412d44f02f3dfbe055d4de4d2e2060451a649125673ba
-
SHA512
39701c9547075accec9d6930f5a30fca6c9501b46a7dfc9042754dfe8e55bb48c11b6b3ec2e3568920ba0332c8e570e490249c7409175df87c7026be8c97bfa5
-
SSDEEP
6144:RBKHYmz6mq2pmHmFV2YjnWuwqzeRhva/cfAO9EJgO:G4m5bpnL2KnEqCRhvaU4j
Malware Config
Targets
-
-
Target
dc8abab8b4ac78e63c9412d44f02f3dfbe055d4de4d2e2060451a649125673ba
-
Size
275KB
-
MD5
5555f3e8200401987138db18aee5e61e
-
SHA1
b5cfd44d1bcd437aa7dd0fc75cda1b5eadd19e46
-
SHA256
dc8abab8b4ac78e63c9412d44f02f3dfbe055d4de4d2e2060451a649125673ba
-
SHA512
39701c9547075accec9d6930f5a30fca6c9501b46a7dfc9042754dfe8e55bb48c11b6b3ec2e3568920ba0332c8e570e490249c7409175df87c7026be8c97bfa5
-
SSDEEP
6144:RBKHYmz6mq2pmHmFV2YjnWuwqzeRhva/cfAO9EJgO:G4m5bpnL2KnEqCRhvaU4j
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-