General
-
Target
d4ffc32fe759a62fdf80f39ba417ac50d6868b88f78896dc3a4914a8e9bebef3
-
Size
214KB
-
Sample
221127-s5c9jahd34
-
MD5
91b66e0a738ffa31cbb53dabbfe5303b
-
SHA1
f560be5e317ddcd2566951d7e85345b55f78d1e0
-
SHA256
d4ffc32fe759a62fdf80f39ba417ac50d6868b88f78896dc3a4914a8e9bebef3
-
SHA512
57583cfa65c7d74f2189ec540d7ef370b58a238a8e9159319d3d26ea770a5b539691b5a4607ad9ff0329309c40e5c98d68648bf2dfb5362c8a770f401ec4c46d
-
SSDEEP
3072:2gXdZt9P6D3XJjcgTBKcuOV/JOZFZ5KuWzsCi3ZhkP+YT6erSvy4rUhwRnwKCZBR:2e34VvKcugJkFZUuWzA3MWYT+vy4hq7
Static task
static1
Behavioral task
behavioral1
Sample
d4ffc32fe759a62fdf80f39ba417ac50d6868b88f78896dc3a4914a8e9bebef3.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
d4ffc32fe759a62fdf80f39ba417ac50d6868b88f78896dc3a4914a8e9bebef3.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
d4ffc32fe759a62fdf80f39ba417ac50d6868b88f78896dc3a4914a8e9bebef3
-
Score
8/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-