Analysis
max time kernel: 138s
max time network: 155s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 22-05-2022 05:22
Static task
static1
Behavioral task
behavioral1
Sample
dsgter_v9.0.1.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
dsgter_v9.0.1.exe
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
Target: dsgter_v9.0.1.exe
Size: 6.7MB
MD5: 4c0706c45c51cf1cc4a4f66f8c0b82ee
SHA1: 4cb16b3ee52e090248dce69eb67164c902a5948a
SHA256: 8f4f5226cf3a63634a48b64e43def89c20ff6e9312b451b458b79889dcbc1ee2
SHA512: f7107ba2777bf4d1be7852176a03da761fa9acb42a1e41b197a776a6331e231a83835f5021db3cd471758a8e8bf279e5ee8926e7d67c89883603df49de41d3ae
Score
6/10
Malware Config
Signatures
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
dsgter_v9.0.1.exe
description | ioc | process
File opened for modification | \??\PhysicalDrive0 | dsgter_v9.0.1.exe
Suspicious behavior: EnumeratesProcesses 6 IoCs
Processes:
dsgter_v9.0.1.exe
pid | process
2468 | dsgter_v9.0.1.exe
2468 | dsgter_v9.0.1.exe
2468 | dsgter_v9.0.1.exe
2468 | dsgter_v9.0.1.exe
2468 | dsgter_v9.0.1.exe
2468 | dsgter_v9.0.1.exe