General
-
Target
1cf1304b6dd7f4b136c87446b9cd5cc2c1464e0c670964516535dfd6f687073e
-
Size
3.7MB
-
Sample
231012-gg3czach26
-
MD5
ac9b9a7bbe8b654a6a37d46f1f3de070
-
SHA1
2a44fb7e53ef80f12404445ccd6fbc4f79373013
-
SHA256
1cf1304b6dd7f4b136c87446b9cd5cc2c1464e0c670964516535dfd6f687073e
-
SHA512
b85b1b5c66e4740c7128276dcda5e2c96531028ae3d019c923655d97313071ba0a076b3ace776a0c391a123a71627edb24bb13a6115704ced000292bd8ac33a7
-
SSDEEP
98304:FYHGgkE6nK4rY5SbWf+YFCMxHctsEF0O7UgCKgSSH4BAJl6:NgX6YQaf+HM1cts8UgblSXI
Static task
static1
Behavioral task
behavioral1
Sample
1cf1304b6dd7f4b136c87446b9cd5cc2c1464e0c670964516535dfd6f687073e.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
1cf1304b6dd7f4b136c87446b9cd5cc2c1464e0c670964516535dfd6f687073e.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
Target
1cf1304b6dd7f4b136c87446b9cd5cc2c1464e0c670964516535dfd6f687073e
-
Score
7/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-