Resubmissions
05-09-2023 17:28
230905-v13pqshg91 705-09-2023 17:26
230905-vz8jlaaa67 705-09-2023 14:11
230905-rhq2fafh4v 705-09-2023 14:08
230905-rfxq7sgb33 731-08-2023 15:00
230831-sdnaesfc6t 730-08-2023 18:51
230830-xhxf4saa27 730-08-2023 18:48
230830-xftmfahh77 730-08-2023 18:44
230830-xdxajshh55 729-08-2023 17:57
230829-wjky2aed68 729-08-2023 17:46
230829-wcmjaahd2v 7General
-
Target
RUN_AT_YOUR_OWN_RISK.bat
-
Size
13KB
-
Sample
230905-v13pqshg91
-
MD5
4e2a7f369378a76d1df4d8c448f712af
-
SHA1
1192b4d01254a8704e6d6ae17dc2ec28a7ad5a49
-
SHA256
5e2cd213ff47b7657abd9167c38ffd8b53c13261fe22adddea92b5a2d9e320ad
-
SHA512
90e6eedca424e2ee37c78e0c0380db490c049b0378541812734c134510c40c6e4c48c4e213f395339ed99ff337ef087b6056ac5aafb246c1789ca6082dcabd2e
-
SSDEEP
192:AOyUySl0UaDz2gWsIzlmj+BxZ3yqueWQx0lZicyC8Sh31xcjBzyxwn7AVhllz3:AVODaDSHMql3yqlxy5L1xcjwrlz3
Malware Config
Targets
-
-
Target
RUN_AT_YOUR_OWN_RISK.bat
-
Size
13KB
-
MD5
4e2a7f369378a76d1df4d8c448f712af
-
SHA1
1192b4d01254a8704e6d6ae17dc2ec28a7ad5a49
-
SHA256
5e2cd213ff47b7657abd9167c38ffd8b53c13261fe22adddea92b5a2d9e320ad
-
SHA512
90e6eedca424e2ee37c78e0c0380db490c049b0378541812734c134510c40c6e4c48c4e213f395339ed99ff337ef087b6056ac5aafb246c1789ca6082dcabd2e
-
SSDEEP
192:AOyUySl0UaDz2gWsIzlmj+BxZ3yqueWQx0lZicyC8Sh31xcjBzyxwn7AVhllz3:AVODaDSHMql3yqlxy5L1xcjwrlz3
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-