General
-
Target
Setup_AndroidFs442_1.1.646.1.exe
-
Size
311KB
-
Sample
240825-llmwasygrk
-
MD5
e0f92eaa816f2c08219d34dfa7d9496b
-
SHA1
a1da20fa1fd34ead3037c8e2e0887fbb5a0677c3
-
SHA256
c8ee648cceb6cecc002b2a7713b139f7e795987d7477e4b0432b6eebdf6b24e8
-
SHA512
00dd0e045e4e689f739670a138c263933e8a945ca88a2d1f7534c60c9e56b109fd2893411b8b7abe2130a30140e07e04b0b8269ec82b5686f072ed40162dd605
-
SSDEEP
3072:EiBgAkHnjPIQ6KSfc/BHePaW+LN7DxRLlzglKiVYBk:tgAkHnjPIQBSfc+PCN7jBiVYBk
Static task
static1
Behavioral task
behavioral1
Sample
Setup_AndroidFs442_1.1.646.1.html
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
Setup_AndroidFs442_1.1.646.1.html
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Setup_AndroidFs442_1.1.646.1.exe
-
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-