Resubmissions

25/02/2024, 06:42

240225-hgq6daeg7x 6

25/02/2024, 05:12

240225-fvs6sacc77 10

General

  • Target

    startup.exe

  • Size

    4.2MB

  • Sample

    240225-hgq6daeg7x

  • MD5

    0a314a16b0d6a1d9279202185682944d

  • SHA1

    c2db6f3cef932466979500ed6b7e9f631d8dfb78

  • SHA256

    ed3e0d6a49ac9468a00069ee22e6bca9e017a5bd38ef6aacd6611015263ddff6

  • SHA512

    4f7440c5cdc014d0d3de245a1b61ea62e4a997989edb9bb5f71779b934df9b7db8ffe33e62040ab63eac365b2ea96714041cd117a866a73fae716a995532867a

  • SSDEEP

    98304:qO/RG6akIN84klIci68x17BTjgJx5VqRJTN9xYVDBSs3/c:ha24kDi6G6FQRZGV3/c

Targets

    • Target

      startup.exe

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
