General
-
Target
3babc7e333bb689af5f259d1e72c2579c5e2322260d9ed3c95b193dc57567cca
-
Size
5.4MB
-
Sample
230110-1grq1sde7v
-
MD5
ebf9ade7ca552ff54fbce2852b457a7f
-
SHA1
b672ef3610887a9371330b00e3560f8ddd259469
-
SHA256
3babc7e333bb689af5f259d1e72c2579c5e2322260d9ed3c95b193dc57567cca
-
SHA512
3f4473111f706d52047bd1862c6558ccf4751a4632dd5326fe3e60af6d7ff5a0f72494f4805b928736fa2a8f62722faf196b08bee9c180fd06833c526e9ccb58
-
SSDEEP
98304:XKcQRF9EkcfWRRclPEzPFiwr3G9QJiJTOOFQmzmCjHsw7lzYMm53KG+NwwQZK:fazuh85iwr29DJTOOF3PjHswMRaNTQg
Static task
static1
Behavioral task
behavioral1
Sample
3babc7e333bb689af5f259d1e72c2579c5e2322260d9ed3c95b193dc57567cca.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
3babc7e333bb689af5f259d1e72c2579c5e2322260d9ed3c95b193dc57567cca.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
Target
3babc7e333bb689af5f259d1e72c2579c5e2322260d9ed3c95b193dc57567cca
Score
8/10
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-