General
-
Target
image_2023-04-06_210253615.png
-
Size
5KB
-
Sample
230406-xqkghsgf6y
-
MD5
ebfc7d08c123f94342b367cb0b1bd808
-
SHA1
90b225e5716a74a877766779a3983236f73314d3
-
SHA256
715c2de1e44005b5a985c48b6accc7422fbc2c1a34d66f7246fd162724199a6c
-
SHA512
6deb037d1b876c1dc80fd49027f37ca913ad84d727e52d14e08d2efe0f3581504a56323f5d275656537cc150209870b44bf860586c921f686cf83eaf7c08c8e3
-
SSDEEP
96:nZJ8L4krPeycChPd30e386v3iS9h3hgsvP05qwc+ByEemgx1CVnFkImjIxE17D+s:njtkrPeahPJX3v3iS9TFPn67gx1CVFG/
Static task
static1
Behavioral task
behavioral1
Sample
image_2023-04-06_210253615.png
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-