General

  • Target

    AR01 ru Soft.exe

  • Size

    19.6MB

  • Sample

    240611-3sab8awdlf

  • MD5

    f92a75c7524ac4b36bcd9c98bac8978e

  • SHA1

    2353897219bff454aeea25cdddfc014c60da7c99

  • SHA256

    da68a61e9be899227c0594938447174fda77025dbb545c253f759e3c9407f235

  • SHA512

    86415ac099bd6dfb7342d505aa88f84f2042448a2c7cb1b6184a8f42015c77321612ed4064eb1de713e59ef07cad095ccdbd956edb4e0b8567ceeb30d0daa762

  • SSDEEP

    393216:j6aLcSmQ5P996RdhZOqeCwI8aoXi/5SimOr6AfBNpg:jtXV5PvYN7eCwOoXioimjAfBNpg

Malware Config

Targets

    • Target

      AR01 ru Soft.exe

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

MITRE ATT&CK Enterprise v15

Tasks