Overview

overview

6

Static

static

3

0c8fcb4201...56.exe

windows7-x64

6

0c8fcb4201...56.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/05/2023, 20:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0c8fcb4201e67579906b7a3512f0f093297231ecad2b949a7b41d377f22b5d56.exe

  • Size

    637KB

  • MD5

    a805dba04af8c0e62f1f8e90c441b6e1

  • SHA1

    18e6b6444187e12f5feb13a1613ae62ca77624b6

  • SHA256

    0c8fcb4201e67579906b7a3512f0f093297231ecad2b949a7b41d377f22b5d56

  • SHA512

    1b17ef4f5d8710048e244c8d8989a2802a77849792089cc616ec230dd09c47e289953480349514af6d9fd662a8128c60369a0f9caf0be7d8e53741af96550d46

  • SSDEEP

    12288:fY6enbKvRFuNvyOQZmAMbmBG4iCwsJ41:fYDOvLuNaOnz4iCHJ

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\0c8fcb4201e67579906b7a3512f0f093297231ecad2b949a7b41d377f22b5d56.exe
    "C:\Users\Admin\AppData\Local\Temp\0c8fcb4201e67579906b7a3512f0f093297231ecad2b949a7b41d377f22b5d56.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:2512

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2512-134-0x0000000000880000-0x00000000008EB000-memory.dmp

    Filesize

    428KB

    Download

  • memory/2512-135-0x0000000000400000-0x00000000004D3000-memory.dmp

    Filesize

    844KB

    Download

  • memory/2512-136-0x0000000000400000-0x00000000004D3000-memory.dmp

    Filesize

    844KB

    Download

  • memory/2512-137-0x0000000000880000-0x00000000008EB000-memory.dmp

    Filesize

    428KB

    Download