General
-
Target
692c19600eea6780871ff14efd422558d5493a2ddf435a7433fc2d0bda23d1cd
-
Size
1.4MB
-
Sample
221203-gmgy8aad67
-
MD5
f5aa29925130f2f8176431ac481e896c
-
SHA1
6718884acd2b6d1a6a19b3ab8568b863b8b17efa
-
SHA256
692c19600eea6780871ff14efd422558d5493a2ddf435a7433fc2d0bda23d1cd
-
SHA512
52583336f3225b686cd4f701110f04e08689feab2e152c704ec589c947f937b98f5b34f90b4564b1106370874abcfbd823d603b68f2cca8e5934c2a4b55d0fb7
-
SSDEEP
24576:fitV0IsFKeOMMM5ge8sfqJDWw0CXryLtmx5kvJDDmZg1uXmTiG069fK+ay25LUmR:fitV1YKeOMMM58sfsDrtyLtBJ2ZLXmTU
Static task
static1
Behavioral task
behavioral1
Sample
692c19600eea6780871ff14efd422558d5493a2ddf435a7433fc2d0bda23d1cd.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Modifies system executable filetype association
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Registers COM server for autorun
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-