Analysis

  • max time kernel
    141s
  • max time network
    102s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09/05/2024, 02:32

General

  • Target

    feb456f1009fec2626c797ee669305bdc58b78d7f377ef4746385af73c2a10f0.exe

  • Size

    932KB

  • MD5

    9d91deccdaa4379cb7f444999ddf6382

  • SHA1

    3a14aa3a52c91754c3ba5429d865fbf4cef35eab

  • SHA256

    feb456f1009fec2626c797ee669305bdc58b78d7f377ef4746385af73c2a10f0

  • SHA512

    69b87ee3ed7d56449b36775636a616f2da64752f1a2902df673f02456289606aa4e6981ebb92523b13643237f4d6adf98c00531028813afdb7748de6e2cc10c4

  • SSDEEP

    12288:MOQNMIt3+hioijxOcaGW/v7EaEfvnJUC2+6zI4cHkYaG6U5SqFS4609bCFrZd:LWMIMhiop+4w/fvT2dMINbU5zFQmUz

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\feb456f1009fec2626c797ee669305bdc58b78d7f377ef4746385af73c2a10f0.exe
    "C:\Users\Admin\AppData\Local\Temp\feb456f1009fec2626c797ee669305bdc58b78d7f377ef4746385af73c2a10f0.exe"
    • Writes to the Master Boot Record (MBR)
    PID:932

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • memory/932-0-0x00000000006A0000-0x00000000006A1000-memory.dmp

          Filesize

          4KB

        • memory/932-1-0x0000000002840000-0x00000000028C0000-memory.dmp

          Filesize

          512KB

        • memory/932-2-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

        • memory/932-3-0x0000000000400000-0x00000000004EE000-memory.dmp

          Filesize

          952KB

        • memory/932-4-0x0000000000400000-0x00000000004EE000-memory.dmp

          Filesize

          952KB

        • memory/932-7-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB