General
Target: pdfmagic.exe
Size: 4.3MB
Sample: 230301-x4b3ashd5w
MD5: b7819389909c4d9dae3c9a6135ab1319
SHA1: 4a638f17e7965f2ee2998405b0822c5881c9594b
SHA256: 6e837d04c0c0951d671e7e04140dee81db2263d27f7346c4390d148b4f829a65
SHA512: b3dcd77789ce9a2208b2496fabdc8328be797b898b25f4bbcadaabf9cdbb121f6c9b3d9ae1433d49df28bc0f62301a8ad8f27fa5b040a650ea10a0ef021dddc7
SSDEEP: 49152:IWqR4AnaxLJw9KIDDzu8MDi4+GICz/VYiNIBd4NXyPr/Sx4fnepVA4GORoEcmam4:OR4JJR8hlG/75NIvPex4vi1n6/AYTM
Static task: static1
Behavioral task: behavioral1
Sample: pdfmagic.exe
Resource: win10-20230220-en
Malware Config
Targets
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.