Overview

overview

8

Static

static

8

5b73ba724e...fc.exe

windows7_x64

6

5b73ba724e...fc.exe

windows10-2004_x64

6

Analysis

  • max time kernel
    26s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    20-05-2022 23:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b73ba724eea6a5c05658201c530175172ed2c05f42cf96d192b35ab24d765fc.exe

  • Size

    655KB

  • MD5

    e4294bdcd5c3176ec605bc8162ded436

  • SHA1

    46b92cfb321e686f6e6b93430820f2860f792da3

  • SHA256

    5b73ba724eea6a5c05658201c530175172ed2c05f42cf96d192b35ab24d765fc

  • SHA512

    e10297aa56fcf104015a2d410cf53c5f513669cf95cd56eea96fa4bcc4e8aae03b7be9b4a9c3bface2c53b8ad950cabd3755cb5cdb722c9c7bc60a2998ed0e52

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Drops file in Program Files directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b73ba724eea6a5c05658201c530175172ed2c05f42cf96d192b35ab24d765fc.exe
    "C:\Users\Admin\AppData\Local\Temp\5b73ba724eea6a5c05658201c530175172ed2c05f42cf96d192b35ab24d765fc.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    • Drops file in Program Files directory
    PID:624

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/624-54-0x00000000769D1000-0x00000000769D3000-memory.dmp
    Filesize

    8KB

    Download