Analysis
-
max time kernel
51s -
max time network
54s -
platform
windows10-1703_x64 -
resource
win10-20230220-en -
resource tags
-
submitted
26-03-2023 04:35
General
-
Target
INF_SPOOFER.exe
-
Size
9.6MB
-
MD5
1bded5cdf27444dadb39a32b7f92b78d
-
SHA1
ffbd195733be4c539a54d3a6c2bb9268c742cc95
-
SHA256
9fe49293ebb853d9bee570e59c7e2e76f4b4e2f9857302de439b69a4dd477a80
-
SHA512
fa7b0d586bbc98047d77853cf0cc00c10a4af3987f0492faaaaace5845a7cf76c1b5129df43d844a882dfe3ef7028351146b0d687b6b73904e010c6a470ffb78
-
SSDEEP
196608:SgsQqTRtPCuVdirulPJ8x3IWu1tzV2NIwo17o6K6Z:SgsQOzKQiMPJ6IW6tzV2Kb1yc
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of FindShellTrayWindow 7 IoCs
-
Suspicious use of SendNotifyMessage 7 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\INF_SPOOFER.exe"C:\Users\Admin\AppData\Local\Temp\INF_SPOOFER.exe"1⤵
- Writes to the Master Boot Record (MBR)
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3260-119-0x0000000140000000-0x0000000141A9A000-memory.dmpFilesize
26.6MB
-
memory/3260-124-0x0000000000420000-0x0000000000430000-memory.dmpFilesize
64KB