General

  • Target

    7ac10aa947210d5f3e801973b6b4552cc5578085bb443774527dfc1093fb2188

  • Size

    9.6MB

  • Sample

    241111-rm6bxszhrf

  • MD5

    fd53edecad2469a9a2ba82b031daf0a1

  • SHA1

    718cccecc01989d4043da952cd1b366ae4ae2360

  • SHA256

    7ac10aa947210d5f3e801973b6b4552cc5578085bb443774527dfc1093fb2188

  • SHA512

    21b5b3aa2060988111c3f2573cf98768cb8a9a0358f33b9716823d249c9d5ebe8166026fa8667056772496c83567bc27eb0bdc2e781423ce4b902833ed762f2a

  • SSDEEP

    196608:i+HJ8Z49OUHI7Dlcw248Rl600S7NklQ/qu9G4gtqk58/UTVsru:i+HlHI7ZAR1rSlQiyNgtvuUTVcu

Malware Config

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks