General
- Target: .
- Size: 4KB
- Sample: 240526-j2t87sca7v
- MD5: 6876d5b700949ef06803e2555b3ffaf4
- SHA1: e977e615811b2ec83ac4b7a9a7686de8648b35d4
- SHA256: b54bb56c0ae4aca67ff67f6e80c185fee049794dceb3e7ede872e8fa75293fd3
- SHA512: 4be5df9a55fcb142ed5884e32c07929de750121b440bd83a928b60c1f87072886536c7bd49ff05f7525df84aaec2a2fedbeeafd6ddff59762b3f4451cb8a2ef9
- SSDEEP: 48:0wiG6rILGYpmdP5hHt8L8yUApFV7FJINPuFa4Idlx/WMNG9GcaogMiH:52hhHc8jApFV7pa4IdlB9NGrkb
Static task: static1
Behavioral task: behavioral1
- Sample: .html
- Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 8/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Drops file in System32 directory