General
-
Target
7a37f9b76cbdee6fb5c6138061fb8832701d5dada9a1078da4c498b7e2875109
-
Size
639KB
-
Sample
221203-gmfq6adh2t
-
MD5
b7cd08ef1e02cb4c47dd84d7eefded14
-
SHA1
72c61924af666b93187d5bfa639c794ee111b8c9
-
SHA256
7a37f9b76cbdee6fb5c6138061fb8832701d5dada9a1078da4c498b7e2875109
-
SHA512
6b17c3236ac69b9191f133996fc5a24252161b2a657f139adef28f70c4743a4b1da44b9105c1f4a58ef4fd77ea56939db8313afb051bb35a7d6146b8e8ac0da6
-
SSDEEP
12288:OgitGs0IsFqner8qaMoGUFOcMxTY0gTurlOGb5O+yHCs57bBQe5A:LitV0IsFKer8RMoRF6qTurlDVO7H/57S
Static task
static1
Behavioral task
behavioral1
Sample
7a37f9b76cbdee6fb5c6138061fb8832701d5dada9a1078da4c498b7e2875109.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-