Analysis
-
max time kernel
118s -
max time network
127s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
21-05-2022 12:29
Static task
static1
Behavioral task
behavioral1
Sample
2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exe
Resource
win10v2004-20220414-en
General
-
Target
2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exe
-
Size
893KB
-
MD5
32020b2dffc1a7f9d4166be24f92bac9
-
SHA1
56cb28de7e4f7f0972b5514f00afb2c56d1a2450
-
SHA256
2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e
-
SHA512
56fc1adbfcc9ace262182256b63f379e062fe9aa947bcfb017dea984d7ac2aad0bdb6d748a1f459fd7bf40d8e54904971aec5a4f11ab512b7868af531bb18b8f
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exedescription ioc process File opened for modification \??\PhysicalDrive0 2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exe -
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exepid process 2628 2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exe 2628 2e8a83ceff559f8df9b5bea70ea2224a6fe93edbd19b75db8c6e512d3c5eb35e.exe