General
Target: 109d1e60db795c10248ca36921d92725b1cdf3e5e7b28e42dea12d4e11538688.exe
Filesize: 168KB
Completed: 21-05-2022 00:07
Task: behavioral1
Score: 6/10
MD5: bbff0152e26275598487dc38866fca4e
SHA1: 40a55b93459dcfd43252492e55099952411a70eb
SHA256: 109d1e60db795c10248ca36921d92725b1cdf3e5e7b28e42dea12d4e11538688
SHA512: 852e819398dafb052f289c2e949ca6844db8375a6306abe463cbf070ce9f273d98dec30d29350dcb349674c54015bd3b28e0d13628c3df5f25d779c388d7dc9e
Malware Config
Signatures 1
Persistence
Writes to the Master Boot Record (MBR)
Process: 109d1e60db795c10248ca36921d92725b1cdf3e5e7b28e42dea12d4e11538688.exe
Description: Bootkits write to the MBR to gain persistence at a level below the operating system.
Reported IOCs
Description: File opened for modification
IOC: \??\PhysicalDrive0
Process: 109d1e60db795c10248ca36921d92725b1cdf3e5e7b28e42dea12d4e11538688.exe
Processes 1
C:\Users\Admin\AppData\Local\Temp\109d1e60db795c10248ca36921d92725b1cdf3e5e7b28e42dea12d4e11538688.exe
Command line: "C:\Users\Admin\AppData\Local\Temp\109d1e60db795c10248ca36921d92725b1cdf3e5e7b28e42dea12d4e11538688.exe"
Signature: Writes to the Master Boot Record (MBR)
Downloads
memory/1868-54-0x00000000002E0000-0x0000000000310000-memory.dmp
memory/1868-55-0x0000000075541000-0x0000000075543000-memory.dmp
memory/1868-56-0x0000000002205000-0x0000000002216000-memory.dmp