General
Target: wps_wid.cid-49726512.1712805675.exe
Size: 5.3MB
Sample: 240509-ddt1mshe29
MD5: 6b33c205bec288518f4acff11ee42ab6
SHA1: 7e4d3c34f3237b90d35024976250580f34d1d10c
SHA256: 0d9df396a6458fbe1e29b29c2c42d75fc24218dbe838fca0c0744ad2377758f7
SHA512: 30edfb648149c9340eb384d044822103966b786c203c9647e19259472d76cb7a48bd5e05f68e5831b7115069786d58dd1ef146d8700df3135f49a649adf4f800
SSDEEP: 98304:gA3utc4HTUfGJeO3ADxzbWtbsTZlVkAh0YdtLltwvz/I+U:/uc4QjVHWClVkAXLlWby
Static task: static1
Behavioral task: behavioral1
Sample: wps_wid.cid-49726512.1712805675.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: wps_wid.cid-49726512.1712805675.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: wps_wid.cid-49726512.1712805675.exe
Score: 6/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-