Analysis
max time kernel
23s
max time network
33s
platform
windows7_x64
resource
win7-20230220-en
resource tags
arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
submitted
31-03-2023 08:42
Static task
static1
Behavioral task
behavioral1
Sample
bbf4fcc27a782003bf77fad5d2f0402d5ba0dca0b1b0683670fe6c538002468e.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
bbf4fcc27a782003bf77fad5d2f0402d5ba0dca0b1b0683670fe6c538002468e.exe
Resource
win10v2004-20230220-en
General
Target
bbf4fcc27a782003bf77fad5d2f0402d5ba0dca0b1b0683670fe6c538002468e.exe
Size
2.5MB
MD5
57367e2c180da8b851df2a7625a70afb
SHA1
27643abb3cf3762b4e17d4b46daf088d642170be
SHA256
bbf4fcc27a782003bf77fad5d2f0402d5ba0dca0b1b0683670fe6c538002468e
SHA512
3f4980a71f49053d00a417e1ae9abfadc5446d9abac3acb181bf32db8f9e02a8a586d0c89784737a7b37567aec12f311995a468aeae35a0ed06e777c91506bd8
SSDEEP
49152:qLpGqJ0bNiPa666666gJDMefrugsVErF44kJ01m2dD:2plJEiy6666662DzsVaW451PD
Malware Config
Signatures
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes:
bbf4fcc27a782003bf77fad5d2f0402d5ba0dca0b1b0683670fe6c538002468e.exe
description: File opened for modification
ioc: \??\PhysicalDrive0
process: bbf4fcc27a782003bf77fad5d2f0402d5ba0dca0b1b0683670fe6c538002468e.exe