Overview

overview

6

Static

static

3

cryptolaemus

windows10-2004-x64

6

cryptolaemus

windows11-21h2-x64

6

Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10/05/2024, 02:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e45903e9640d61afd2ddf0658048345acdfd1b15888df228b8ccacf60d0ce661.exe

  • Size

    1.1MB

  • MD5

    f5dee24e3b700f818986471c00f3b000

  • SHA1

    1c93eaa8cb7cea7e11447c59d51bc55b383e9207

  • SHA256

    e45903e9640d61afd2ddf0658048345acdfd1b15888df228b8ccacf60d0ce661

  • SHA512

    e4cf4eaeddf4538eb2f25dcffae3090652b2db8cd8c7ff044a1e5b3dc6128b6f8a2f639df16442b7e0a4004a5b11350f93c1c570348315fc2d729f6c9da5a65b

  • SSDEEP

    24576:Vm8U34tzPHWzfLa6j/LdZh25kU085PrJ:VmiHUZWv5r

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\e45903e9640d61afd2ddf0658048345acdfd1b15888df228b8ccacf60d0ce661.exe
    "C:\Users\Admin\AppData\Local\Temp\e45903e9640d61afd2ddf0658048345acdfd1b15888df228b8ccacf60d0ce661.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:3572

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3572-0-0x0000000002360000-0x0000000002361000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3572-1-0x00000000028C0000-0x000000000294B000-memory.dmp

          Filesize

          556KB

          Download

        • memory/3572-2-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download

        • memory/3572-3-0x0000000000400000-0x0000000000525000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/3572-4-0x0000000000400000-0x0000000000525000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/3572-7-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download