General
-
Target
BuilderTrialSetup_v421.exe
-
Size
14.0MB
-
Sample
230216-zt5b7sbf3y
-
MD5
b47f848f5cea33277904f09b0c19a801
-
SHA1
417612ba19caa0a85082a4c3453bc20c81822d0e
-
SHA256
e8e4eda49700f8b5dac70bcaab5ac159b4d2460adbbc1eac6494598b4cb4bc64
-
SHA512
9da2ad81a3ccb17b6b075073aa2be05d568ea9df655a2e4512e8fb102d785b6c7caf5fa3a98448652ee4d7a15c50eddcdc3dd22ea07e01a6fa1314d81a92f8b7
-
SSDEEP
196608:jrtMyZPifnNbT/3vl9gncxEBxtRNwXOvX72h0WzfDeoqvw1YF8jD+EshvGf12+:3iwPifFn8xtRGXOvX7y0a6oC8v8r+
Malware Config
Targets
-
-
Target
BuilderTrialSetup_v421.exe
-
Size
14.0MB
-
MD5
b47f848f5cea33277904f09b0c19a801
-
SHA1
417612ba19caa0a85082a4c3453bc20c81822d0e
-
SHA256
e8e4eda49700f8b5dac70bcaab5ac159b4d2460adbbc1eac6494598b4cb4bc64
-
SHA512
9da2ad81a3ccb17b6b075073aa2be05d568ea9df655a2e4512e8fb102d785b6c7caf5fa3a98448652ee4d7a15c50eddcdc3dd22ea07e01a6fa1314d81a92f8b7
-
SSDEEP
196608:jrtMyZPifnNbT/3vl9gncxEBxtRNwXOvX72h0WzfDeoqvw1YF8jD+EshvGf12+:3iwPifFn8xtRGXOvX7y0a6oC8v8r+
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-