General
-
Target
27fd1df26f5a48939f207ec098c13b62a09dc29a18dbac4ea65d0386f2623406
-
Size
1.7MB
-
Sample
230331-ltyb1ahb97
-
MD5
a59e8c44031efc699219f5e58e4b6468
-
SHA1
65d62facf0cf72664af1243fc43062c80ba50792
-
SHA256
27fd1df26f5a48939f207ec098c13b62a09dc29a18dbac4ea65d0386f2623406
-
SHA512
c4354f3e23bf295b5c3c09d5a4d3d36a1f1bab1bfbf172e21a8b1902b9b4b97890a56bb9da443fd2bd94fdd2501813da140e24dbcf0d72a4c8c72a901a666761
-
SSDEEP
49152:PI085pNzmDH86hXS2eQPfzSdQEZn3W2XWx9mf/k:L85p6H8gSPQUrnG2XWHm
Static task
static1
Behavioral task
behavioral1
Sample
27fd1df26f5a48939f207ec098c13b62a09dc29a18dbac4ea65d0386f2623406.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
27fd1df26f5a48939f207ec098c13b62a09dc29a18dbac4ea65d0386f2623406.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-