Analysis
-
max time kernel
231s -
max time network
264s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
26/12/2023, 06:41
General
-
Target
5a4d0fd6a5aaa1f3135c206897135b95.exe
-
Size
105KB
-
MD5
5a4d0fd6a5aaa1f3135c206897135b95
-
SHA1
0e4ab53d631b794ef3c0fa219e145bb480fe6762
-
SHA256
dd13faa31351e807e1983b08b28efff1aa513e7c886c3676563f5d3fbd368c88
-
SHA512
13fe1effc35e1dc8aeb801dbca0f3c6ba0b367e01b1b9c4bf72ac942ff77a92de7dfde259733708bfe08672e5cfa7a9ccd12858241cc140e292b7d37f3c89eea
-
SSDEEP
3072:lr/Ipm5cgIDed/Zsc6dpVCuY/gGP22V6:lz52DedBspVC5hL
Score
7/10
Malware Config
Signatures
-
Unexpected DNS network traffic destination 20 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetWindowsHookEx 17 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5a4d0fd6a5aaa1f3135c206897135b95.exe"C:\Users\Admin\AppData\Local\Temp\5a4d0fd6a5aaa1f3135c206897135b95.exe"1⤵
- Writes to the Master Boot Record (MBR)
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
312KB
-
Filesize
8KB
-
Filesize
8KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB
-
Filesize
312KB