Analysis

  • max time kernel
    8s
  • max time network
    134s
  • resource
    win7v191014

General

  • Target

    8b077ae5dc7f9546bca05fb992f710633571e191758077933c547537f4eaa4d8

  • Sample

    191025-gwmgecpxns

  • SHA256

    8b077ae5dc7f9546bca05fb992f710633571e191758077933c547537f4eaa4d8

Score
N/A

Malware Config

Signatures

  • Accessing to Master Boot Record (MBR) (TTPs: 1, IoCs: 1)
  • Suspicious use of AdjustPrivilegeToken (IoCs: 1)

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b077ae5dc7f9546bca05fb992f710633571e191758077933c547537f4eaa4d8.exe
    "C:\Users\Admin\AppData\Local\Temp\8b077ae5dc7f9546bca05fb992f710633571e191758077933c547537f4eaa4d8.exe"
    • Accessing to Master Boot Record (MBR)
    • Suspicious use of AdjustPrivilegeToken
    PID:1272

Network

MITRE ATT&CK Additional techniques

  • T1067
