Analysis
-
max time kernel
40s -
max time network
43s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
25-05-2022 23:51
Static task
static1
Behavioral task
behavioral1
Sample
1e2d2591e1412560c17b1aa921513da5.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
1e2d2591e1412560c17b1aa921513da5.exe
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
1e2d2591e1412560c17b1aa921513da5.exe
-
Size
611KB
-
MD5
1e2d2591e1412560c17b1aa921513da5
-
SHA1
4db18f7093dbca03ed4d7eece56567dd996a3ea8
-
SHA256
2d1ce8037528ca32f3155729c0096ee9508a2df376f465a027a6c6dfba29bbd3
-
SHA512
d9ab70b0dfcc7d3214d14f0ea45768439966b7b4d6c7c28ed5ef16ebae78382fcaac4c44ecd3046fe055b51b3e56a143fd3e2328cef643cf78b033fe86227095
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
1e2d2591e1412560c17b1aa921513da5.exedescription ioc process File opened for modification \??\PHYSICALDRIVE0 1e2d2591e1412560c17b1aa921513da5.exe
Processes
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1464-54-0x0000000000698000-0x00000000006F9000-memory.dmpFilesize
388KB
-
memory/1464-55-0x0000000075381000-0x0000000075383000-memory.dmpFilesize
8KB
-
memory/1464-56-0x0000000000400000-0x00000000004DD000-memory.dmpFilesize
884KB
-
memory/1464-57-0x0000000000698000-0x00000000006F9000-memory.dmpFilesize
388KB
-
memory/1464-58-0x00000000002C0000-0x000000000032B000-memory.dmpFilesize
428KB
-
memory/1464-59-0x0000000000400000-0x00000000004DD000-memory.dmpFilesize
884KB