General
-
Target
9136f6bbd53341da822c423ba591818b03feae3011e2e17688504f999b2f2cbb
-
Size
823KB
-
Sample
221128-fjrtksbh9v
-
MD5
6a1d04294a323aced762cb4023946f02
-
SHA1
f7c92ef40d506c9fbe625560c080ea21414a9f20
-
SHA256
9136f6bbd53341da822c423ba591818b03feae3011e2e17688504f999b2f2cbb
-
SHA512
25bfd60fc41260d8438460546358706b691194e85f8695efcda2bf400ab8591c2f1c6e9e32307de2a13779c70d3db4a5983ebb38e2f1fe707f04b5815fa41d95
-
SSDEEP
12288:ymi/oGGwH/BTqATt9IGeIm0JFg7qFhZjGgxGwPUD0INtcs9w7Ju+esTCmKkUUJ:5i/oMHZ1fm0s0agxGwfINyz7R2m3UG
Malware Config
Targets
-
-
Target
9136f6bbd53341da822c423ba591818b03feae3011e2e17688504f999b2f2cbb
-
Size
823KB
-
MD5
6a1d04294a323aced762cb4023946f02
-
SHA1
f7c92ef40d506c9fbe625560c080ea21414a9f20
-
SHA256
9136f6bbd53341da822c423ba591818b03feae3011e2e17688504f999b2f2cbb
-
SHA512
25bfd60fc41260d8438460546358706b691194e85f8695efcda2bf400ab8591c2f1c6e9e32307de2a13779c70d3db4a5983ebb38e2f1fe707f04b5815fa41d95
-
SSDEEP
12288:ymi/oGGwH/BTqATt9IGeIm0JFg7qFhZjGgxGwPUD0INtcs9w7Ju+esTCmKkUUJ:5i/oMHZ1fm0s0agxGwfINyz7R2m3UG
Score8/10-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-