aec6694dda09b3e41be21683612be6d6fb5e09b771e80cddf73e4506a5772626

Analysis

max time kernel
152s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 22:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

aec6694dda09b3e41be21683612be6d6fb5e09b771e80cddf73e4506a5772626.exe
Size

281KB
MD5

43d9f639d9de9c7f9c4554692c832424
SHA1

4bc0005db75874a285114f7c7129f40905b8933f
SHA256

aec6694dda09b3e41be21683612be6d6fb5e09b771e80cddf73e4506a5772626
SHA512

de69d3da550748dbb152183d2e41f9cbf6d65e1d7b65694de3474d176dae8a16c0c70bd2857dc918ae125e80c128a2a39a2e0d89e729eade36fef94520251656
SSDEEP

6144:AciBL2oZi5qyJsaB0ss2EL9C79ChLu1PaWbBaM:Aci52oZYbma+ss2G9CpChy1iZM

Score

6^/10

bootkit persistence

Malware Config

Signatures

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1067

description	ioc	Process
File opened for modification	\??\PhysicalDrive0	aec6694dda09b3e41be21683612be6d6fb5e09b771e80cddf73e4506a5772626.exe

C:\Users\Admin\AppData\Local\Temp\aec6694dda09b3e41be21683612be6d6fb5e09b771e80cddf73e4506a5772626.exe
"C:\Users\Admin\AppData\Local\Temp\aec6694dda09b3e41be21683612be6d6fb5e09b771e80cddf73e4506a5772626.exe"
1⤵
- Writes to the Master Boot Record (MBR)
PID:4660

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4660-132-0x0000000000400000-0x000000000048F000-memory.dmp

Filesize
572KB

Download
memory/4660-133-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-238-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-242-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-245-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-247-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-249-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-253-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-255-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-258-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-264-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-268-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-272-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-274-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-277-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-279-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-281-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-455-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-457-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-462-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-466-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-468-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-470-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-472-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-475-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-478-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-481-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-487-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-491-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-493-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-495-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-498-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-501-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-507-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-518-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-522-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-719-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-722-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-727-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-732-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-734-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-741-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-739-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-748-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-750-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-752-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-757-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-761-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-765-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-767-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-968-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-973-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-977-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-1125-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-1131-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download
memory/4660-1186-0x0000000002E40000-0x0000000002EEA000-memory.dmp

Filesize
680KB

Download