General
-
Target
Monoxide
-
Size
183KB
-
Sample
230401-t8weyscf2x
-
MD5
e7137f5eeb8323becf1243095717112e
-
SHA1
90dd5a0da4f145fe3a1d7126178da30c9df22b37
-
SHA256
c841159847d9aa30087e10b67b3d43ad09497980760bcd57b8893e30f0794bae
-
SHA512
1b89ca9299bda056dc89ac2cc8081eb5816814744fd1c47ec5b2c902052e18d57fca2216d0ad77ae714b06b0da189db06cfb87bd6c99cfa3aff8447b62128699
-
SSDEEP
3072:ojTRgFloUWbwXwXIjhArpstmBCnLeKD5tVJpa2Ugt1y206taPexDuqJmo8YJaQUb:sTRgFloOxDuqJJ8YJaQU2SJxX520WLyl
Static task
static1
Behavioral task
behavioral1
Sample
Monoxide
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
Monoxide
-
Score
7/10
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-