General
-
Target
60fce650fe921ff7b0b9045103f566c5a6984845c851a1240a7a3896cb53bfb1
-
Size
3.1MB
-
Sample
230402-ytdntaac73
-
MD5
939800d328b8d8f9cd1188afb36dd960
-
SHA1
467963e9d84a2f1e39cd1c436b258ae6dc56f181
-
SHA256
60fce650fe921ff7b0b9045103f566c5a6984845c851a1240a7a3896cb53bfb1
-
SHA512
8956b8bfaa0ba1dab5238ddb5e2daf71826d0f364975bb2c2205560c1de76cefcf2af1148eb8cb0bd730b7f248f5963969dec7fd4e86f01bb96ab09dde0c96aa
-
SSDEEP
98304:XKcQRF9EkcfWRRclPEzPFiwr3G9QJRJ2G:fazuh85iwr29uJR
Malware Config
Targets
-
-
Target
60fce650fe921ff7b0b9045103f566c5a6984845c851a1240a7a3896cb53bfb1
-
Size
3.1MB
-
MD5
939800d328b8d8f9cd1188afb36dd960
-
SHA1
467963e9d84a2f1e39cd1c436b258ae6dc56f181
-
SHA256
60fce650fe921ff7b0b9045103f566c5a6984845c851a1240a7a3896cb53bfb1
-
SHA512
8956b8bfaa0ba1dab5238ddb5e2daf71826d0f364975bb2c2205560c1de76cefcf2af1148eb8cb0bd730b7f248f5963969dec7fd4e86f01bb96ab09dde0c96aa
-
SSDEEP
98304:XKcQRF9EkcfWRRclPEzPFiwr3G9QJRJ2G:fazuh85iwr29uJR
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-