General
-
Target
https://www.google.com/search?q=gta+6+gratuit&sca_esv=9a193cf2d9170f88&ei=ueCCZ4mCC__4kdUP3-O2uAc&oq=GTA+6+GR&gs_lp=Egxnd3Mtd2l6LXNlcnAiCEdUQSA2IEdSKgIIATIFEAAYgAQyBRAAGIAEMgUQABiABDIFEAAYgAQyBRAAGIAEMgUQABiABDIFEAAYgAQyBRAAGIAEMgUQABiABDIFEAAY7wVIsENQAFjqNnAAeAGQAQCYAUugAeMDqgEBOLgBAcgBAPgBAZgCCKACjgTCAgoQLhiABBhDGIoFwgIKEAAYgAQYQxiKBcICFhAuGIAEGLEDGNEDGEMYgwEYxwEYigXCAgsQABiABBixAxiDAcICDhAAGIAEGLEDGIMBGIoFwgIIEAAYgAQYsQPCAg4QLhiABBixAxjRAxjHAcICExAuGIAEGLEDGEMYgwEY1AIYigXCAg0QLhiABBixAxhDGIoFwgIQEAAYgAQYsQMYQxiDARiKBcICDRAAGIAEGLEDGEMYigWYAwCSBwE4oAeRSA&sclient=gws-wiz-serp
-
Sample
250111-1hzs1stjdj
Malware Config
Targets
-
-
Target
https://www.google.com/search?q=gta+6+gratuit&sca_esv=9a193cf2d9170f88&ei=ueCCZ4mCC__4kdUP3-O2uAc&oq=GTA+6+GR&gs_lp=Egxnd3Mtd2l6LXNlcnAiCEdUQSA2IEdSKgIIATIFEAAYgAQyBRAAGIAEMgUQABiABDIFEAAYgAQyBRAAGIAEMgUQABiABDIFEAAYgAQyBRAAGIAEMgUQABiABDIFEAAY7wVIsENQAFjqNnAAeAGQAQCYAUugAeMDqgEBOLgBAcgBAPgBAZgCCKACjgTCAgoQLhiABBhDGIoFwgIKEAAYgAQYQxiKBcICFhAuGIAEGLEDGNEDGEMYgwEYxwEYigXCAgsQABiABBixAxiDAcICDhAAGIAEGLEDGIMBGIoFwgIIEAAYgAQYsQPCAg4QLhiABBixAxjRAxjHAcICExAuGIAEGLEDGEMYgwEY1AIYigXCAg0QLhiABBixAxhDGIoFwgIQEAAYgAQYsQMYQxiDARiKBcICDRAAGIAEGLEDGEMYigWYAwCSBwE4oAeRSA&sclient=gws-wiz-serp
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-