General
-
Target
pdr-free-online.exe
-
Size
2.2MB
-
Sample
230403-tr19wafg99
-
MD5
8e938b9dc68c347110e57a8086662bd5
-
SHA1
33e65b0ea45bc0496897288a37ef2492c69307d1
-
SHA256
91c7c3e1ac15cb9d320a6386e43e77ca7473ba3db708f45776869d85bbde3adc
-
SHA512
28fd1371638c108c77bbf7bd189c09a8eee53e4c40957748ddaf02eb4a1b40ad824ea94b170e8ed50d5a40c6d3656a12347d67837221eb23d56c4f0f0cfa0ac1
-
SSDEEP
49152:9tJEra8kaXpfLZyTiikVd4vSq8Fk5M76LPDgTSjZShK:9tc9kOpfLZyTyuvzZi6LPDgeZShK
Static task
static1
Behavioral task
behavioral1
Sample
pdr-free-online.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
pdr-free-online.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
pdr-free-online.exe
-
Size
2.2MB
-
MD5
8e938b9dc68c347110e57a8086662bd5
-
SHA1
33e65b0ea45bc0496897288a37ef2492c69307d1
-
SHA256
91c7c3e1ac15cb9d320a6386e43e77ca7473ba3db708f45776869d85bbde3adc
-
SHA512
28fd1371638c108c77bbf7bd189c09a8eee53e4c40957748ddaf02eb4a1b40ad824ea94b170e8ed50d5a40c6d3656a12347d67837221eb23d56c4f0f0cfa0ac1
-
SSDEEP
49152:9tJEra8kaXpfLZyTiikVd4vSq8Fk5M76LPDgTSjZShK:9tc9kOpfLZyTyuvzZi6LPDgeZShK
Score7/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-