General
-
Target
e9469fbac29978f34cd6603768086ce17ad0808376ba203c70964f42a318c86b
-
Size
1.4MB
-
Sample
230329-c4ah9agb5z
-
MD5
8a4d81dbc2c12e6c1dca9822d8d4e373
-
SHA1
fba629cce2b148d7220088421b031cb8d6cdbdeb
-
SHA256
e9469fbac29978f34cd6603768086ce17ad0808376ba203c70964f42a318c86b
-
SHA512
9962187b57da69b0bf2da2e4ea12cdfda2c4f5a531ed1cea5b2d95087e4973af5e7c970c490f08728d1ef15b38b303f6666304b833e73cff2ee62d9f93e9f586
-
SSDEEP
24576:qjpl25IzQ4JnFbMzqaIYtWXwjqebU0XvgwuQ9PrEfAHAKF/:qjPOkFSqa3tWXwFbdXIwu0Ik/
Malware Config
Targets
-
-
Target
e9469fbac29978f34cd6603768086ce17ad0808376ba203c70964f42a318c86b
-
Size
1.4MB
-
MD5
8a4d81dbc2c12e6c1dca9822d8d4e373
-
SHA1
fba629cce2b148d7220088421b031cb8d6cdbdeb
-
SHA256
e9469fbac29978f34cd6603768086ce17ad0808376ba203c70964f42a318c86b
-
SHA512
9962187b57da69b0bf2da2e4ea12cdfda2c4f5a531ed1cea5b2d95087e4973af5e7c970c490f08728d1ef15b38b303f6666304b833e73cff2ee62d9f93e9f586
-
SSDEEP
24576:qjpl25IzQ4JnFbMzqaIYtWXwjqebU0XvgwuQ9PrEfAHAKF/:qjPOkFSqa3tWXwFbdXIwu0Ik/
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-