Analysis

  • max time kernel: 127s
  • max time network: 143s
  • platform: windows10-2004_x64
  • resource: win10v2004-20240226-en
  • resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted: 02/03/2024, 16:33

General

  • Target

    89f5c115b09af059deb77ada004bf3a92b06ca46df2346ed2d67f9926a32cdde.exe

  • Size

    4.8MB

  • MD5

    223fbaa81eefd21f6cfa65f6788c8cd9

  • SHA1

    cc718fb2ca5e375c6c30fb703e4b9d708c9b6002

  • SHA256

    89f5c115b09af059deb77ada004bf3a92b06ca46df2346ed2d67f9926a32cdde

  • SHA512

    1ebf751f9e9232ce6110157ac65b8d5ae0ffa6a4632845149eada926fe4410207fc7557c722cb0882399efd40074a58f0f39e0402abba6fd8806a51868688372

  • SSDEEP

    98304:seLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5YINfSyo8aXj:TcmZl85gyjovK65E8ob5Sx8aXj

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL (3 IoCs)
  • Writes to the Master Boot Record (MBR) (1 TTP, 1 IoC)

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\89f5c115b09af059deb77ada004bf3a92b06ca46df2346ed2d67f9926a32cdde.exe
    Command line: "C:\Users\Admin\AppData\Local\Temp\89f5c115b09af059deb77ada004bf3a92b06ca46df2346ed2d67f9926a32cdde.exe"
    PID: 4860
    • Loads dropped DLL
    • Writes to the Master Boot Record (MBR)

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • C:\Users\Admin\AppData\Local\LDSGameMaster\Store\360Base\360NetUL.dll

          Filesize

          234KB

          MD5

          cd03029957ebc78c0ca7a6c02a9ca846

          SHA1

          0044114b8073781479044f0294701be9611be2ac

          SHA256

          139fdd92e6ddf1aac0761a68502b374daa32e82039621018511dc491ed9b4048

          SHA512

          14c641cb9536def0ddc1969d50b97b83a23017c97373e3ad74d3fbf9825ac81f3fdf8169281c8ad4cebd45d9c9ae05f752d553ba4653e620889b274479cb7c32

        • C:\Users\Admin\AppData\Local\LDSGameMaster\Store\360Base\Utils\LDSBasic.dll

          Filesize

          908KB

          MD5

          7ca588270a0287be204d5f30feb77fdf

          SHA1

          3f3549e07f81428ecde0c21e218617244222c788

          SHA256

          784add510e7b1fe03e2c3556b39e354c147e2eb7d2c892bb0b2d10b37b3e6827

          SHA512

          0d950a06c79133ff1dfc2e08f2dfdaa28e6b5fefb10d6dfbc738bc4ff957f26f4ea50631132922a02c8247de81eaf70cffa2830fd5716da21bff806922bf6e6b

        • C:\Users\Admin\AppData\Local\Temp\{613CD00C-7AD8-4147-B5AD-8CA2B4458EAD}.tmp\7z.dll

          Filesize

          804KB

          MD5

          6837c9030e9b8170f8ea811cbd613988

          SHA1

          26a4c69b86c4971b471d2ae0aaff328878ca6db4

          SHA256

          d89e72967228a6c0d51416e944e06434cccfe01add0d828f9de943ce923b1a06

          SHA512

          0ef6adf2d5ca8fb7a8af64d40eb9d6044e491dc6dd9fd7c657897a2b2022d62ae51530e0dd629c5436e79e916c3b1eb7b7be3a3a29ebe5528473c365a074bcf2