General
-
Target
0a2ef7badaf33ec6c84b75302731e27c85409b616384e6ed91b23629b39754c8
-
Size
1.9MB
-
Sample
221203-gmxpnsdh4t
-
MD5
42d4763dea91081dc2202ee0e4a4372f
-
SHA1
eaa8a8b22221fad5ef5aeb440802c4bb4072bcfb
-
SHA256
0a2ef7badaf33ec6c84b75302731e27c85409b616384e6ed91b23629b39754c8
-
SHA512
7ba9884d68c4346360d2e103b50c0963942a51a7ff0dc9978501f6e39c6f8e4c71c5c316f3057405beb24f83d96b0e305b922375b27ace3a4abbfd4d4ef300b1
-
SSDEEP
49152:xitV1YKeMH6LQ8iR2acHU1aKKbw9CFRdnozTt9KoQ6nz1:xi1YKNOicacmubhFQzB97z1
Static task
static1
Behavioral task
behavioral1
Sample
0a2ef7badaf33ec6c84b75302731e27c85409b616384e6ed91b23629b39754c8.exe
Resource
win7-20220812-en
Malware Config
Targets
-
Modifies system executable filetype association
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Registers COM server for autorun
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-