General
Target: b52fe4aabbe5a4cc22efcb855adb6dfb1fc10ddb2ec4fdf178ff012ccbd5942d
Size: 4.8MB
Sample: 231101-ybpncsce3s
MD5: ccdb837301e482acf2fe243ec8ff1ad8
SHA1: d4d8f3ba5036c2c35d5edf37f743d402d03e3161
SHA256: b52fe4aabbe5a4cc22efcb855adb6dfb1fc10ddb2ec4fdf178ff012ccbd5942d
SHA512: 0a30c1f93608069883a7188fdf8278ef820b3d11e077443151027719dee255967ddc725e0b4f7ce4234ebb0f83edbc750b3fce465ea7c9da11395bf01b1dae02
SSDEEP: 98304:R9+cMYa3Fmo/BZXxkIaPG1f5e1M/Cw/khc5FbKEQ26PVR7m6gZ1MRGNCyI5AxV3d:buFjBZBkI7he1M/Cw/khc5FbKEV6PVRS
Static task: static1
Behavioral task: behavioral1
  Sample: b52fe4aabbe5a4cc22efcb855adb6dfb1fc10ddb2ec4fdf178ff012ccbd5942d.exe
  Resource: win7-20231023-en
Behavioral task: behavioral2
  Sample: b52fe4aabbe5a4cc22efcb855adb6dfb1fc10ddb2ec4fdf178ff012ccbd5942d.exe
  Resource: win10v2004-20231023-en
Malware Config
(nothing listed)
Targets
Target: b52fe4aabbe5a4cc22efcb855adb6dfb1fc10ddb2ec4fdf178ff012ccbd5942d (4.8MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Score: 8/10 (sandbox heuristic, derived from the signatures below; it is not a verdict on the family or the payload)
Signatures
- Modifies Installed Components in the registry: the Active Setup key HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components, whose StubPath values run once per user at the next interactive logon. Check the new subkey's StubPath for the dropped path.
- Checks computer location settings: looks up the country code configured in the registry (the Nation value under HKCU\Control Panel\International\Geo), likely a geofence. The payload may behave differently, or not run at all, depending on the locale of the analysis VM, so a run under a different locale is worth repeating.
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system. Raw writes to sector 0 are rare in ordinary software, so treat this as the highest-weight finding, but confirm it by imaging sector 0 before and after execution; legitimate boot managers and disk utilities also write there.
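The MBR-write signature is the one to verify first on any host that ran this sample. The following Python is an added example, not code from the sandbox report or from the sample: it parses a 512-byte sector 0 and diffs it against a baseline taken before infection. The baseline sector and the "tampered" sector are constructed for illustration, and `read_mbr`, `parse_mbr`, `compare_to_baseline` and the rest are this example's own names.

```python
"""Parse a 512-byte Master Boot Record and diff it against a trusted baseline.

Added example (not code from the sandbox report or the sample): the check a
responder would run on a host that raised the 'Writes to the Master Boot
Record' signature. The baseline and 'tampered' sectors below are constructed.
"""
from __future__ import annotations

import hashlib
import struct
from dataclasses import dataclass

SECTOR_SIZE = 512
BOOTSTRAP_SIZE = 440            # loader code, before the 4-byte disk signature
PARTITION_TABLE_OFFSET = 446    # four 16-byte entries
BOOT_SIGNATURE = b"\x55\xaa"    # last two bytes of a valid MBR


@dataclass(frozen=True)
class Partition:
    status: int       # 0x80 = active/bootable, 0x00 = inactive
    ptype: int        # partition type byte (0x07 NTFS, 0xEE GPT protective, ...)
    lba_start: int
    sectors: int


@dataclass
class Mbr:
    bootstrap_sha256: str
    disk_signature: int
    partitions: list[Partition]
    boot_signature_ok: bool


def parse_mbr(sector: bytes) -> Mbr:
    """Decode the fixed MBR layout; raises on a short or oversized read."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE}-byte sector, got {len(sector)}")
    bootstrap = sector[:BOOTSTRAP_SIZE]
    disk_sig = struct.unpack_from("<I", sector, BOOTSTRAP_SIZE)[0]
    partitions = []
    for i in range(4):
        # status(1) CHS-start(3) type(1) CHS-end(3) LBA-start(4) sector-count(4)
        status, ptype, lba, count = struct.unpack_from(
            "<B3xB3xII", sector, PARTITION_TABLE_OFFSET + 16 * i)
        if ptype == 0:
            continue                      # empty slot
        partitions.append(Partition(status, ptype, lba, count))
    return Mbr(
        bootstrap_sha256=hashlib.sha256(bootstrap).hexdigest(),
        disk_signature=disk_sig,
        partitions=partitions,
        boot_signature_ok=sector[-2:] == BOOT_SIGNATURE,
    )


def compare_to_baseline(current: Mbr, baseline: Mbr) -> list[str]:
    """Return human-readable findings; an empty list means no drift."""
    findings = []
    if not current.boot_signature_ok:
        findings.append("boot signature 0x55AA missing")
    if current.bootstrap_sha256 != baseline.bootstrap_sha256:
        findings.append("bootstrap code changed")
    if current.disk_signature != baseline.disk_signature:
        findings.append("disk signature changed")
    for p in current.partitions:
        if p.status not in (0x00, 0x80):
            findings.append(f"invalid status byte 0x{p.status:02x} in partition table")
    if current.partitions != baseline.partitions:
        findings.append("partition table changed")
    return findings


def read_mbr(device: str = r"\\.\PhysicalDrive0") -> bytes:
    """Read sector 0 from a raw device (needs admin; use /dev/sda on Linux)."""
    with open(device, "rb") as fh:
        return fh.read(SECTOR_SIZE)


def build_sample_mbr() -> bytes:
    """Constructed baseline: a 'jmp $' loader stub and one active NTFS partition."""
    bootstrap = b"\xeb\xfe" + b"\x00" * (BOOTSTRAP_SIZE - 2)
    disk_sig = struct.pack("<I", 0x12345678) + b"\x00\x00"   # signature + 2 reserved bytes
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    table = entry + b"\x00" * 48                             # three empty slots
    return bootstrap + disk_sig + table + BOOT_SIGNATURE


def tamper_bootstrap(sector: bytes) -> bytes:
    """Simulate a bootkit patching the loader: overwrite its first 16 bytes."""
    patched = bytearray(sector)
    patched[0:16] = b"\xe9\x00\x01" + b"\x90" * 13    # jmp forward + NOP sled (constructed)
    return bytes(patched)


if __name__ == "__main__":
    baseline = parse_mbr(build_sample_mbr())
    suspect = parse_mbr(tamper_bootstrap(build_sample_mbr()))
    print(compare_to_baseline(suspect, baseline))   # ['bootstrap code changed']
```

On a live Windows host, run `read_mbr()` from an elevated prompt and compare against a sector-0 image taken from a known-clean snapshot of the same machine, since bootstrap code differs between disks and Windows versions and there is no universal "good" hash. On a GPT disk sector 0 holds a protective MBR (partition type 0xEE) that is still writable through the same raw-device path, but a UEFI-era bootkit is more likely to target the EFI System Partition, so extend the comparison to the files there as well.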
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547), 1 hit: Registry Run Keys / Startup Folder (T1547.001), 1 hit
- Pre-OS Boot (T1542), 1 hit: Bootkit (T1542.003), 1 hit
Privilege Escalation
- Boot or Logon Autostart Execution (T1547), 1 hit: Registry Run Keys / Startup Folder (T1547.001), 1 hit