General
-
Target
64e57be4034f43f6f38141d67be75f0459156e0c738126be1646888203bf41fb
-
Size
6.0MB
-
Sample
240526-ln5twsdh8z
-
MD5
61dacf7564eb55307cac41e27f5e0cbb
-
SHA1
d3a1f00082d12c2d925fb380c2561770f6c37708
-
SHA256
64e57be4034f43f6f38141d67be75f0459156e0c738126be1646888203bf41fb
-
SHA512
25ce909fcbd3615421ecbaa4fba647e651cb25d0c18935eeab6e71591bff30bd3d735040fe74a986bd926472754441671c14b492a86a81f0f4ce7dec65b457c7
-
SSDEEP
98304:+8UEfbST1c3m54tyu+l8U9DBekB6Km1BykxMHwULZ4bTBxyeBE6VbJ3CP:3UEuGjEh8UDBfrmfyAWZ4bFEeBJVt
Behavioral task
behavioral1
Sample
64e57be4034f43f6f38141d67be75f0459156e0c738126be1646888203bf41fb.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
64e57be4034f43f6f38141d67be75f0459156e0c738126be1646888203bf41fb.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
64e57be4034f43f6f38141d67be75f0459156e0c738126be1646888203bf41fb
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-