General
Target: 561f2ca6faa2f168638392fd1ea568813f48c85402bdd1b0512ea3ebe01b5d4c
Size: 893KB
Sample: 221128-ccrnfsfa99
MD5: b711bf30087f3754f45b69d650cff63a
SHA1: e29030d4e05cf66e847e9abfcaf854898b171152
SHA256: 561f2ca6faa2f168638392fd1ea568813f48c85402bdd1b0512ea3ebe01b5d4c
SHA512: 87bd264e4c37f5130ff92ae9ac66718d365b956f4e472a80cd4671b3d14680f2b23fe9017ee85510957cd40d44be398d83f9df0071867d2cf280d93ee8d7d738
SSDEEP: 24576:gBtISV4SoZzg6UPraoSpT95vBjWRo5elAH7PK86xe:5SWJg6UP+oEbBKoYlAH7/se
Static task: static1
Behavioral task: behavioral1
Sample: 561f2ca6faa2f168638392fd1ea568813f48c85402bdd1b0512ea3ebe01b5d4c.exe
Resource: win7-20220812-en
Malware Config
Targets
- Downloads MZ/PE file
- Drops file in Drivers directory
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.