General
Target: 0c04e64639cde58906cbbd105a40737d236a1008ee3f5a0a89463c75aaffa197
Size: 1.7MB
Sample: 240615-w93xja1bld
MD5: 22aa9226f12b7b5d8f8b30af62c9d846
SHA1: 284c91ddb076dc85c4c54f301de7097ed65baed7
SHA256: 0c04e64639cde58906cbbd105a40737d236a1008ee3f5a0a89463c75aaffa197
SHA512: ecae2a961c5a53b55b58ff81f54893d4401513ca06038d86dcfe58d55a5a85fb689e2b19fffe5f76bf94bfc47aba09d2a1869fc884ad5c7c1b67c717630406ff
SSDEEP: 49152:wd0Ik85pNzmDH86hXS2eQPfzSdQEZn3W2XWx9mf/kx:r85p6H8gSPQUrnG2XWHmm
Static task: static1
Behavioral task: behavioral1
Sample: 0c04e64639cde58906cbbd105a40737d236a1008ee3f5a0a89463c75aaffa197.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0c04e64639cde58906cbbd105a40737d236a1008ee3f5a0a89463c75aaffa197.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 0c04e64639cde58906cbbd105a40737d236a1008ee3f5a0a89463c75aaffa197
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.