Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    21-09-2023 03:15

General

  • Target

    ef2e74fdb70a3d757905d853ebe73da0c9a5e9345985ae1d923a4d660a043366.exe

  • Size

    1.2MB

  • MD5

    7bd1cb0d9941560ad611660dd42e1983

  • SHA1

    004e7743b85b88964c14c34ab71d9809a8cd31aa

  • SHA256

    ef2e74fdb70a3d757905d853ebe73da0c9a5e9345985ae1d923a4d660a043366

  • SHA512

    0d10a7cbd6829cced99f1831057833607593599486c6631f18917746c2e087482358e8738260a2c951e1d40e2f84d28bc2a878709e388426c189a726cf9dc58b

  • SSDEEP

    24576:hq/PtbfblvSh+4x/D6BDEEnvQo1K8IVlbfmfk:hIbfbk+lmUvf1K1Vlb+s

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ef2e74fdb70a3d757905d853ebe73da0c9a5e9345985ae1d923a4d660a043366.exe
    "C:\Users\Admin\AppData\Local\Temp\ef2e74fdb70a3d757905d853ebe73da0c9a5e9345985ae1d923a4d660a043366.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    • Suspicious use of SetWindowsHookEx
    PID:2792

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Local\Temp\·þ×°¼ÆËãÆ÷¼ÇÒäÎļþÇëÎðɾ³ý.ini

    Filesize

    38B

    MD5

    b265040bbda27bf23462af3bd8da5d96

    SHA1

    9492768b3952949ea17b6422302de1aa6a1b148a

    SHA256

    7023f8e635e41170a98c03473254fb19d7064de35f6c0fd85e0d83d530d22a2b

    SHA512

    6bc801107a398265f8b825f6bf5e7693177705d3ba13850b844b353bee59452cd8e6af2e24ab75d929ac7c12ae4ef41cd6e709a9b267f1984ee4966dea1f8144