General
-
Target
25c25e741ebfd6b74616dd5713e3fd4b32119c8d20c8d6b3d4012389b599ee60
-
Size
4.3MB
-
Sample
221205-ytvbkaef9v
-
MD5
d4c22bfa7469ad0dd435136d24b9dc4e
-
SHA1
4188204ceb1f7878980dec6d56c3a2bb54dac438
-
SHA256
25c25e741ebfd6b74616dd5713e3fd4b32119c8d20c8d6b3d4012389b599ee60
-
SHA512
ef64aac07a9e5afc9edd3498b7cc2a210e0c8252248e0099245ee4cab8f49ae315f1a45a5905faf1d895c310e57b493bfafa0f8684ee58c413d69d468f54aa17
-
SSDEEP
98304:XKcQRF9EkcfWRRclPEzPFiwr3G9QJ8J0U4Xak6gWR/rXra9Zo4:fazuh85iwr291JPxXrajo4
Malware Config
Targets
-
-
Target
25c25e741ebfd6b74616dd5713e3fd4b32119c8d20c8d6b3d4012389b599ee60
-
Size
4.3MB
-
MD5
d4c22bfa7469ad0dd435136d24b9dc4e
-
SHA1
4188204ceb1f7878980dec6d56c3a2bb54dac438
-
SHA256
25c25e741ebfd6b74616dd5713e3fd4b32119c8d20c8d6b3d4012389b599ee60
-
SHA512
ef64aac07a9e5afc9edd3498b7cc2a210e0c8252248e0099245ee4cab8f49ae315f1a45a5905faf1d895c310e57b493bfafa0f8684ee58c413d69d468f54aa17
-
SSDEEP
98304:XKcQRF9EkcfWRRclPEzPFiwr3G9QJ8J0U4Xak6gWR/rXra9Zo4:fazuh85iwr291JPxXrajo4
Score8/10-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-