Analysis
-
max time kernel
161s -
max time network
213s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
12-05-2022 11:41
General
-
Target
3c64fdd58eafb6e678a58f47e515b0cde3b39e98c32d6607d3c8e58a5eff8d72.exe
-
Size
455KB
-
MD5
7c9a17538efb839e11cb5542f9150032
-
SHA1
aec7672a7371185fe7dc623cf4eee76d2120702e
-
SHA256
3c64fdd58eafb6e678a58f47e515b0cde3b39e98c32d6607d3c8e58a5eff8d72
-
SHA512
6e4ddc09cb005903acc225e9dc3aa6d369b337952b1fc084892f77e3e050960a06c68be4748f989165e8d919ff9148d9c746dbbb22ee3e4cfd54564f99fec9c7
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\3c64fdd58eafb6e678a58f47e515b0cde3b39e98c32d6607d3c8e58a5eff8d72.exe"C:\Users\Admin\AppData\Local\Temp\3c64fdd58eafb6e678a58f47e515b0cde3b39e98c32d6607d3c8e58a5eff8d72.exe"1⤵
- Writes to the Master Boot Record (MBR)
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2992-130-0x0000000000400000-0x0000000000FCF000-memory.dmpFilesize
11.8MB
-
memory/2992-131-0x0000000001008000-0x0000000001069000-memory.dmpFilesize
388KB
-
memory/2992-132-0x0000000002D00000-0x0000000002D6B000-memory.dmpFilesize
428KB
-
memory/2992-133-0x0000000000400000-0x0000000000FCF000-memory.dmpFilesize
11.8MB