Analysis
max time kernel: 119s
max time network: 121s
platform: windows10_x64
resource: win10-en-20211014
submitted: 21-10-2021 21:43
Static task
static1
Behavioral task
behavioral1
Sample
e91f299bd3558e1725fbd0074592fd27a63e855056d734ebf482aa4eab6baf38.exe
Resource
win10-en-20211014
windows10_x64
0 signatures
0 seconds
General
Target: e91f299bd3558e1725fbd0074592fd27a63e855056d734ebf482aa4eab6baf38.exe
Size: 584KB
MD5: d1e56eb29f3ff02ac443b8ffc7fe580e
SHA1: 1f0bb1c31ad7c15c2949a46272610c967d7b9c39
SHA256: e91f299bd3558e1725fbd0074592fd27a63e855056d734ebf482aa4eab6baf38
SHA512: a5e9957db551b55b4a80d3ec054e25b0e05ef8c59907942d0efc5633925d68f61e44ec849dbe5999deb3b45b91747eeda1fd6b648e2d9b76b37c4065a6314368
Score: 6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
e91f299bd3558e1725fbd0074592fd27a63e855056d734ebf482aa4eab6baf38.exe
description: File opened for modification
ioc: \??\PHYSICALDRIVE0
process: e91f299bd3558e1725fbd0074592fd27a63e855056d734ebf482aa4eab6baf38.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
memory/2760-116-0x0000000004D40000-0x0000000004DAB000-memory.dmp (Filesize: 428KB)
memory/2760-115-0x0000000004CE0000-0x0000000004D40000-memory.dmp (Filesize: 384KB)
memory/2760-117-0x0000000000400000-0x0000000002F58000-memory.dmp (Filesize: 43.3MB)
memory/2760-118-0x0000000000400000-0x0000000002F58000-memory.dmp (Filesize: 43.3MB)