Overview

overview

6

Static

static

aa74c6be44...c3.exe

windows7-x64

6

aa74c6be44...c3.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    165s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02-10-2022 22:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aa74c6be443108ea164912a4e0a906b7294bf833417162d665b4601e20da63c3.exe

  • Size

    281KB

  • MD5

    4ac318932cafe769fa5beb33b573b182

  • SHA1

    1d31b5a44403dabb016be31b70602f845eb363b9

  • SHA256

    aa74c6be443108ea164912a4e0a906b7294bf833417162d665b4601e20da63c3

  • SHA512

    8d92992b6e8c911fed67d9f1e81a77274b7066a7c8fd02b893a98448ebc7167ab5dd1d5f1b398b956ddd407e0bad981e7edd76a3a6530f35702e544e514dd845

  • SSDEEP

    6144:YwUXOmBORmWfD05CKUwmTaQIeXA1DbDFH/mgmv8Zz:YwCOmgrbFdA1PZH/cvmz

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\aa74c6be443108ea164912a4e0a906b7294bf833417162d665b4601e20da63c3.exe
    "C:\Users\Admin\AppData\Local\Temp\aa74c6be443108ea164912a4e0a906b7294bf833417162d665b4601e20da63c3.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:1372

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1372-132-0x0000000000400000-0x000000000048F000-memory.dmp
    Filesize

    572KB

    Download
  • memory/1372-133-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-139-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-141-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-143-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-252-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-255-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-257-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-259-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-261-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-263-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-267-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-273-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-282-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-284-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-410-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-416-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-427-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-429-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-425-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-431-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-433-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-439-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-558-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-565-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-568-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-570-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-573-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-575-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-582-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-584-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-588-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-709-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-712-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-721-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-723-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-727-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-731-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-737-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-739-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-858-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1172-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1173-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1174-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1175-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1176-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1177-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1178-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1179-0x0000000002E40000-0x0000000002EEA000-memory.dmp
    Filesize

    680KB

    Download
  • memory/1372-1180-0x0000000000400000-0x000000000048F000-memory.dmp
    Filesize

    572KB

    Download