General
-
Target
5c734cbcd749d809193e43d615161c27e0a4ae2f217713c67421ff2220835e98
-
Size
1.7MB
-
Sample
221125-qdqz7sdd6z
-
MD5
943933373f4e7ce28a51d25e49135b31
-
SHA1
750c4587191e5555373079f09777667475a7cc77
-
SHA256
5c734cbcd749d809193e43d615161c27e0a4ae2f217713c67421ff2220835e98
-
SHA512
8b3edb5c948c029f545233b3e4a74476a64aa493e2c30659025fc33e51325fb80f914fc0f2d4c3e2cee9834af2fd45114d6d31d0160104aeed862ab3999549ac
-
SSDEEP
49152:qUCGmlEoSCjwbtr/fgi3JSGiDVk/Wf110F6:qU7//fgi3mDV5f1o6
Malware Config
Targets
-
-
Target
5c734cbcd749d809193e43d615161c27e0a4ae2f217713c67421ff2220835e98
-
Size
1.7MB
-
MD5
943933373f4e7ce28a51d25e49135b31
-
SHA1
750c4587191e5555373079f09777667475a7cc77
-
SHA256
5c734cbcd749d809193e43d615161c27e0a4ae2f217713c67421ff2220835e98
-
SHA512
8b3edb5c948c029f545233b3e4a74476a64aa493e2c30659025fc33e51325fb80f914fc0f2d4c3e2cee9834af2fd45114d6d31d0160104aeed862ab3999549ac
-
SSDEEP
49152:qUCGmlEoSCjwbtr/fgi3JSGiDVk/Wf110F6:qU7//fgi3mDV5f1o6
Score8/10-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-