General
-
Target
dc99c368b270693cc948f5f66a1aae232b739712b28d0f627b9ffb09616d4edd
-
Size
1.5MB
-
Sample
230224-epaxksac38
-
MD5
48b6e029cdd1b415973793abbc7f67d1
-
SHA1
b1bd655d6312aa58404081d1754f8d9f0f9a8e47
-
SHA256
dc99c368b270693cc948f5f66a1aae232b739712b28d0f627b9ffb09616d4edd
-
SHA512
bd24d7d5298718aed28ea561f8d7446824b9cda2b92b5c46108df6d79be5222714b7520891f70f6083d746814eb8ffe7e5be0107506cad3fbdcd222313775e78
-
SSDEEP
24576:RGHCm8uPdJPbYY3n0z0sKikxYqj6vRmJPtMWmop8TDAVaCYz5GxX:ouW8YkzrKikqw6vmtpNiXAVak
Static task
static1
Behavioral task
behavioral1
Sample
dc99c368b270693cc948f5f66a1aae232b739712b28d0f627b9ffb09616d4edd.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
dc99c368b270693cc948f5f66a1aae232b739712b28d0f627b9ffb09616d4edd.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
dc99c368b270693cc948f5f66a1aae232b739712b28d0f627b9ffb09616d4edd
-
Size
1.5MB
-
MD5
48b6e029cdd1b415973793abbc7f67d1
-
SHA1
b1bd655d6312aa58404081d1754f8d9f0f9a8e47
-
SHA256
dc99c368b270693cc948f5f66a1aae232b739712b28d0f627b9ffb09616d4edd
-
SHA512
bd24d7d5298718aed28ea561f8d7446824b9cda2b92b5c46108df6d79be5222714b7520891f70f6083d746814eb8ffe7e5be0107506cad3fbdcd222313775e78
-
SSDEEP
24576:RGHCm8uPdJPbYY3n0z0sKikxYqj6vRmJPtMWmop8TDAVaCYz5GxX:ouW8YkzrKikqw6vmtpNiXAVak
Score8/10-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-