Analysis
-
max time kernel
31s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
25/12/2023, 22:03
General
-
Target
3ed4179a80705ccb82986ae2d13a2d13.exe
-
Size
136KB
-
MD5
3ed4179a80705ccb82986ae2d13a2d13
-
SHA1
0f8c55477e9d743428495dbc15185d6f17c87df7
-
SHA256
e3ae3adfbc30f3413f709730f8d83c68e6e43d7b66ada28a2912ce8058822f77
-
SHA512
044b1847599286d8e0d6e208c3d98b9e93015fbe4e19806a8079c97354b9c406410d8f63ae7ba524c5758ccc66180d4e43d683e3a8cb9f4ee87591bee105755a
-
SSDEEP
3072:j6RDxbzL6Ot01QPTpO/dYIc3+65kWFAtIvKgflboq:j6Rxf/tS/+I365SA
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious behavior: RenamesItself 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\3ed4179a80705ccb82986ae2d13a2d13.exe"C:\Users\Admin\AppData\Local\Temp\3ed4179a80705ccb82986ae2d13a2d13.exe"1⤵
- Writes to the Master Boot Record (MBR)
- Suspicious behavior: RenamesItself
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1024KB
-
Filesize
156KB
-
Filesize
156KB
-
Filesize
1024KB