Overview

overview

7

Static

static

3

7969f79dce...96.exe

windows7-x64

7

7969f79dce...96.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/01/2024, 07:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7969f79dce89be7095e5dca45752acafa26376b3a1cbfa314edd160f5957b496.exe

  • Size

    4.8MB

  • MD5

    a8e72784f15d459cef243be1d5c0e43d

  • SHA1

    7817832a1d04ba87e8de2ec05efb716f4f42eb87

  • SHA256

    7969f79dce89be7095e5dca45752acafa26376b3a1cbfa314edd160f5957b496

  • SHA512

    332160af62f88ab8e7d2f25c94a900d543af52052c0d64c5cf0cc8a4df368acb4f2c713ff4c5075dfde6e7a6c37a8ce4c3e605a467298371786f25c568ede69b

  • SSDEEP

    98304:seLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5YINfSyo8aXW:TcmZl85gyjovK65E8ob5Sx8aXW

Score
7/10
bootkitpersistence

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\7969f79dce89be7095e5dca45752acafa26376b3a1cbfa314edd160f5957b496.exe
    "C:\Users\Admin\AppData\Local\Temp\7969f79dce89be7095e5dca45752acafa26376b3a1cbfa314edd160f5957b496.exe"
    1⤵
    • Loads dropped DLL
    • Writes to the Master Boot Record (MBR)
    PID:1492

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\LDSGameMaster\Store\360Base\360NetUL.dll
          Filesize

          82KB

          MD5

          e3948c732ae93c4ce48147327a883c30

          SHA1

          0a55b7897fc4739c04e94e2ff4a16e530da1be3c

          SHA256

          9746c0423a2555b8c4e206cbf38f972306f6b2327ead8f5d563131e9f8a02a1e

          SHA512

          673b64f935576406eac5b900f1e4ed759f45a94ac662a2fb0baa6a30d7ee705a6edc6af239f35f9352765943fe6c77a6fbdf7e67a501c9c4dd38c2287976e34b

          Download Submit

        • C:\Users\Admin\AppData\Local\LDSGameMaster\Store\360Base\Utils\LDSBasic.dll
          Filesize

          39KB

          MD5

          c979e20bcf72426a05aab3882e439e90

          SHA1

          930d7b3f98948be0bb64279ee090c16025fe6f4b

          SHA256

          2eb46bbf1546d001b7a9ca2ef7c3fa9d93a249f42b0d947a2053fc3eae7acf02

          SHA512

          17b99770b6e6d19fd077377ac46c2f353b63f18143850989d866c5a652742a4e16337c63151ad951b39eeae054eb79e78f8984da315fc8e7f0a1f7fb22f8abf6

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\UG0DPB4T\mgame[1].txt
          Filesize

          2B

          MD5

          444bcb3a3fcf8389296c49467f27e1d6

          SHA1

          7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb

          SHA256

          2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

          SHA512

          9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\{23052A63-3363-4a9c-91CC-848C8D909A98}.tmp\7z.dll
          Filesize

          175KB

          MD5

          e91661830d953655bf119ae264938221

          SHA1

          3fc4d331a63ee591cb3d10076214724bee16fc3e

          SHA256

          68f2a13efccc8216541ad72cafa3891aa55e53f979639112654b14b49bb4517a

          SHA512

          29aba3624f93cc602f0b068fb27ff00d2bb3faf8d9a6d19edaa755e98f3b8bf7d939edbd85af1c6db90e81a687edd1b89b7b5721f7eb1536baef7ac402039355

          Download Submit