General
-
Target
b4b2c08d12d3479a71cf784d52a8bba36724b82c20ae035fc42f21bcef4e7359
-
Size
1.2MB
-
Sample
221130-2x2ftscf77
-
MD5
b281e015b0835d2dad9ca7c7fad658b1
-
SHA1
69cda730f56ef49082e54873e4ead849345a016e
-
SHA256
b4b2c08d12d3479a71cf784d52a8bba36724b82c20ae035fc42f21bcef4e7359
-
SHA512
8424525867dc01657c6b084c3743d68bc12e6ed58f99a352a103accbe586f1893c77b3f9ea992b63ba191233fc65b7e758fd438c2f68823bc572dc57ee611264
-
SSDEEP
24576:MIylj5T2b/HV4ygVYmHr3BvjfgqUoh2YLTGV0RQxgWMmZ1TncmdCs:MIyf2b/HV4ygV7VvjfgEZLT7RQyWrTn/
Malware Config
Targets
-
-
Target
b4b2c08d12d3479a71cf784d52a8bba36724b82c20ae035fc42f21bcef4e7359
-
Size
1.2MB
-
MD5
b281e015b0835d2dad9ca7c7fad658b1
-
SHA1
69cda730f56ef49082e54873e4ead849345a016e
-
SHA256
b4b2c08d12d3479a71cf784d52a8bba36724b82c20ae035fc42f21bcef4e7359
-
SHA512
8424525867dc01657c6b084c3743d68bc12e6ed58f99a352a103accbe586f1893c77b3f9ea992b63ba191233fc65b7e758fd438c2f68823bc572dc57ee611264
-
SSDEEP
24576:MIylj5T2b/HV4ygVYmHr3BvjfgqUoh2YLTGV0RQxgWMmZ1TncmdCs:MIyf2b/HV4ygV7VvjfgEZLT7RQyWrTn/
Score8/10-
Executes dropped EXE
-
Sets DLL path for service in the registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-