General
-
Target
2024-03-06_21-25-25.z03
-
Size
25.0MB
-
Sample
240630-wmp26avelp
-
MD5
06644c1b4e9a077db1ac51bf794fdc21
-
SHA1
237aa64fbcf0c5fd265e2f49708099f470cd44c8
-
SHA256
a6cebeb00e23f69189901beeef2a6f245281144730f641733949c4360ba6415e
-
SHA512
25064600d0bc7cfd2b56491baf4a7d19611abe2c28af4eac10625bcd27c94623e16fba9216c5167adbc3961fa99194ed5ff1cf1597100f23990d6257c7361c13
-
SSDEEP
786432:2A8FmJk+m7WRNsc/uwFZNogpMDsAp5HsmxK:2Ahi+1skFPobDscsmxK
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-06_21-25-25.z03
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-03-06_21-25-25.z03
-
Score
8/10
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-