Analysis
-
max time kernel
197s -
max time network
190s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
25-11-2022 09:24
General
-
Target
b093f3997af56a6109f8e7b91d89d8ac30e051d2fe2798a71568352e178b3cad.exe
-
Size
1.7MB
-
MD5
9fbe33ad364477d4b4b235a1e51df896
-
SHA1
13604261d474fcb0f97b554a60809d0b0eca2d04
-
SHA256
b093f3997af56a6109f8e7b91d89d8ac30e051d2fe2798a71568352e178b3cad
-
SHA512
e87990c417397b543d253936ca608e81ccd51427682f34a7b8c3d2646855484c974b4d61c82eac3b97f2ef7508e4c07a423923a99b73e393477d4ab85e8501a0
-
SSDEEP
49152:smZZX0SPneqobvt7xAwkJFH2mlD7VjsY43F:rZRmqobvtlA7j7wr
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\b093f3997af56a6109f8e7b91d89d8ac30e051d2fe2798a71568352e178b3cad.exe"C:\Users\Admin\AppData\Local\Temp\b093f3997af56a6109f8e7b91d89d8ac30e051d2fe2798a71568352e178b3cad.exe"1⤵
- Writes to the Master Boot Record (MBR)
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4248-132-0x0000000000400000-0x0000000000A6C000-memory.dmpFilesize
6.4MB
-
memory/4248-133-0x0000000000400000-0x0000000000A6C000-memory.dmpFilesize
6.4MB
-
memory/4248-134-0x0000000000400000-0x0000000000A6C000-memory.dmpFilesize
6.4MB
-
memory/4248-137-0x0000000000400000-0x0000000000A6C000-memory.dmpFilesize
6.4MB
-
memory/4248-136-0x0000000001010000-0x0000000001044000-memory.dmpFilesize
208KB
-
memory/4248-138-0x0000000000400000-0x0000000000A6C000-memory.dmpFilesize
6.4MB
-
memory/4248-141-0x0000000000400000-0x0000000000A6C000-memory.dmpFilesize
6.4MB
-
memory/4248-142-0x0000000001010000-0x0000000001044000-memory.dmpFilesize
208KB