Analysis
-
max time kernel
119s
-
max time network
135s
-
platform
windows10_x64
-
resource
win10-en-20210920
-
submitted
21-10-2021 18:39
Static task
static1
Behavioral task
behavioral1
Sample
f0e3f33f197acc669becc1ff52f046c8c1ade0e083e85afdc07078caf60ed1ee.exe
Resource
win10-en-20210920
windows10_x64
0 signatures
0 seconds
General
-
Target
f0e3f33f197acc669becc1ff52f046c8c1ade0e083e85afdc07078caf60ed1ee.exe
-
Size
583KB
-
MD5
9bf85b2db80f6954513a202f7b07e89d
-
SHA1
b629a945730960dc2d40adc9d61462cc99bbb6e6
-
SHA256
f0e3f33f197acc669becc1ff52f046c8c1ade0e083e85afdc07078caf60ed1ee
-
SHA512
558a5469c6ccc26c84637f2fc3751ff7985fbdd124893c9a8a241de2df631bfd005539f3b8f7c7751b6ddd0ec1ccc95de6a107279f03b62a966676a78ca75d42
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
f0e3f33f197acc669becc1ff52f046c8c1ade0e083e85afdc07078caf60ed1ee.exe
-
description
File opened for modification
-
ioc
\??\PHYSICALDRIVE0
-
process
f0e3f33f197acc669becc1ff52f046c8c1ade0e083e85afdc07078caf60ed1ee.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v6
Downloads
-
memory/4040-115-0x0000000004B40000-0x0000000004BA0000-memory.dmp
Filesize
384KB
-
memory/4040-116-0x0000000004BA0000-0x0000000004C0B000-memory.dmp
Filesize
428KB
-
memory/4040-117-0x0000000000400000-0x0000000002F58000-memory.dmp
Filesize
43.3MB
-
memory/4040-118-0x0000000000400000-0x0000000002F58000-memory.dmp
Filesize
43.3MB