General
-
Target
9d2af82ce28b4e1c3df0c78e83557f7c1070c4de9f8e45a13cc05f9a45e77776
-
Size
3.0MB
-
Sample
231011-s33reaac23
-
MD5
49e4f43d4b0490011e787c6fe1d76ac0
-
SHA1
10093e134918d661be36d3959c42860956028b0f
-
SHA256
9d2af82ce28b4e1c3df0c78e83557f7c1070c4de9f8e45a13cc05f9a45e77776
-
SHA512
6aced4ba1a4ed69aecf5b78976c76bf5505abf695cbf448b2632d66b1ee2e4df597d2612e9d2d41a7e2e2425c44bf25c492bcc20ad9a8d11edaa42c6b4990a9a
-
SSDEEP
49152:KMKgb9TR6PeMRFr5KdDeB4scfWRRpilPEpNW9Nsazgiw9mAGenGiwF90J6KcAbd8:XKcQRF9EkcfWRRclPEzPFiwr3G9QJBJG
Malware Config
Targets
-
-
Target
9d2af82ce28b4e1c3df0c78e83557f7c1070c4de9f8e45a13cc05f9a45e77776
-
Size
3.0MB
-
MD5
49e4f43d4b0490011e787c6fe1d76ac0
-
SHA1
10093e134918d661be36d3959c42860956028b0f
-
SHA256
9d2af82ce28b4e1c3df0c78e83557f7c1070c4de9f8e45a13cc05f9a45e77776
-
SHA512
6aced4ba1a4ed69aecf5b78976c76bf5505abf695cbf448b2632d66b1ee2e4df597d2612e9d2d41a7e2e2425c44bf25c492bcc20ad9a8d11edaa42c6b4990a9a
-
SSDEEP
49152:KMKgb9TR6PeMRFr5KdDeB4scfWRRpilPEpNW9Nsazgiw9mAGenGiwF90J6KcAbd8:XKcQRF9EkcfWRRclPEzPFiwr3G9QJBJG
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-