General
Target: overwriteb.exe
Size: 1.2MB
Sample: 240810-v2zz8sterh
MD5: a70ff1b38ed596cd68140c9086b66fec
SHA1: d75406c704d4d5fb057eadd1c3571042100d701b
SHA256: 5aa9ad92a96fc7bea38e9d24c6a245c56049e86b4338761018c718219484c065
SHA512: 9d466c72b38fe412a1cde2a136d04aa8c3aace880992db786d91b940610027769cf1f9e1a12035f3716ff6f78662fa4c7492956c8343bb46400eeac74d21b7f9
SSDEEP: 12288:urKmBpMTqnYx6IZ7aUXYXVeCHkAVz5CntHsh9Z+DX87Kf+iXhhnCkAclRXhyxVUU:KBpMTqnYx6IZ7aU0VuMKf7nCkAMJ
Static task: static1
Behavioral task: behavioral1
  Sample: overwriteb.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: overwriteb.exe
  Resource: win10v2004-20240802-en
Malware Config
Targets
Target: overwriteb.exe
Score: 8/10
- Possible privilege escalation attempt
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Modifies file permissions
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.