Resubmissions
01-04-2023 15:00
230401-sdfwcacb3v 101-04-2023 14:59
230401-sc7mnscb3s 101-04-2023 14:56
230401-sbgpvsaf95 601-04-2023 14:53
230401-r9pmpaca9t 701-04-2023 14:50
230401-r73rjaca8t 601-04-2023 14:48
230401-r6gsnsca7s 101-04-2023 14:45
230401-r4v8aaca6w 801-04-2023 14:42
230401-r24rmsaf49 801-04-2023 14:39
230401-r1h4jsca4s 101-04-2023 14:36
230401-ryy2zsaf34 1General
-
Target
https://we.tl/t-VCeNt9Cn60
-
Sample
230401-r9pmpaca9t
Score
7/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://we.tl/t-VCeNt9Cn60
Resource
win10v2004-20230220-en
windows10-2004-x64
11 signatures
150 seconds
Malware Config
Targets
-
-
Target
https://we.tl/t-VCeNt9Cn60
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-