General
Target: b8505ce8bfcbcb35e416859fc355d72aa62a0aabc3f28425a8d6267c926c9e88
Size: 256KB
Sample: 221124-qz13asgd66
MD5: 21ca38a38a1d371767412efb73774bf5
SHA1: 6d5797b4efee1293d572ee88d471a71c6089f7c7
SHA256: b8505ce8bfcbcb35e416859fc355d72aa62a0aabc3f28425a8d6267c926c9e88
SHA512: 3c32bd457492e686c82bc963131e410c0174c2fb0b2a0f1ef13fea5360709ac401ed1240ccb7b9976adea36cba567eafd5f95f77a3c4972cab640ed410ed5e56
SSDEEP: 6144:NeTeM/XU1zmDO2RwvBbgCl1/ILmUhvu3ivhWc4G8ZXHmyl1G:xM/U1zmh6xZlamUhvu4yG8Z3mylA
Static task: static1
Behavioral task: behavioral1
Sample: b8505ce8bfcbcb35e416859fc355d72aa62a0aabc3f28425a8d6267c926c9e88.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b8505ce8bfcbcb35e416859fc355d72aa62a0aabc3f28425a8d6267c926c9e88.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: b8505ce8bfcbcb35e416859fc355d72aa62a0aabc3f28425a8d6267c926c9e88
Score: 8/10
Downloads MZ/PE file
Executes dropped EXE
Checks computer location settings
    Looks up country code configured in the registry, likely geofence.
Loads dropped DLL
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.
Writes to the Master Boot Record (MBR)
    Bootkits write to the MBR to gain persistence at a level below the operating system.