Overview

overview

6

Static

static

setup.exe

windows7_x64

6

setup.exe

windows10-2004_x64

6

Analysis

  • max time kernel
    184s
  • max time network
    194s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    16-05-2022 12:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    setup.exe

  • Size

    668KB

  • MD5

    10e4443ce2353752f039def6d498551d

  • SHA1

    299fe4fe32de52b52371c88a9b58fb9493c4b2b2

  • SHA256

    e6519b812c285d6ad48df92a70e235a28ee05d7c87e3b6dd8d4f1a29a9b77856

  • SHA512

    57a3ee519b53c5ba93638b885d1cc519c601f99913044650c3ec4926df323b9379b06e57f8103582288776dee10532a4e25b6ce024995d20822c6b2784b8add6

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\setup.exe
    "C:\Users\Admin\AppData\Local\Temp\setup.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:4284

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4284-130-0x0000000000400000-0x00000000006BE000-memory.dmp
    Filesize

    2.7MB

    Download
  • memory/4284-131-0x00000000006C0000-0x00000000006C3000-memory.dmp
    Filesize

    12KB

    Download