Analysis
-
max time kernel
91s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
04/12/2022, 04:15
General
-
Target
f18b290e8bc08f49cf258ddfd29ddb57c3cbfdbaf9b2240388394f614f2f030d.exe
-
Size
168KB
-
MD5
4413d426f118fc09cb812b11adc6a695
-
SHA1
14ad5caf7af4316c87c66fed20b268034307d19d
-
SHA256
f18b290e8bc08f49cf258ddfd29ddb57c3cbfdbaf9b2240388394f614f2f030d
-
SHA512
35dce6de346ccff2ee3593feebf5b69b9d681d174feea77e648a6ebca7cc30764b913348e723700e40f0790846316d438d57984ff12cc83eb8d2b822a78feca8
-
SSDEEP
3072:+mmT9KkU5kXNYRfVk2LAbsAdWlcFwYobn:+V4kU5RiKMl
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious behavior: EnumeratesProcesses 6 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f18b290e8bc08f49cf258ddfd29ddb57c3cbfdbaf9b2240388394f614f2f030d.exe"C:\Users\Admin\AppData\Local\Temp\f18b290e8bc08f49cf258ddfd29ddb57c3cbfdbaf9b2240388394f614f2f030d.exe"1⤵
- Writes to the Master Boot Record (MBR)
- Suspicious behavior: EnumeratesProcesses
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
168KB
-
Filesize
168KB