Overview

overview

6

Static

static

3

cryptolaemus

windows10-2004-x64

6

cryptolaemus

windows11-21h2-x64

6

Analysis

  • max time kernel
    141s
  • max time network
    99s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10/05/2024, 05:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    699152808db2262f2121662d1c0e41da663fe06f58580f3305e433ddbeaba01e.exe

  • Size

    1.1MB

  • MD5

    a97139d48367b07969be1094a8eea0b0

  • SHA1

    7f1ea4aaf68cb74cd03d8f11914ffe0f4011e296

  • SHA256

    699152808db2262f2121662d1c0e41da663fe06f58580f3305e433ddbeaba01e

  • SHA512

    66578306a0d0100ed9f9834e81bb30a1251ea999e13926b2a98865e28c6aa42913ea95670e581cf4f357f86dad33aed5e767bc9acbd1a8b1cba8e0842f56b754

  • SSDEEP

    24576:Vm8U34tzPHWzfLa6jXLdZh25kU085PrJ:VmiHEZWv5r

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\699152808db2262f2121662d1c0e41da663fe06f58580f3305e433ddbeaba01e.exe
    "C:\Users\Admin\AppData\Local\Temp\699152808db2262f2121662d1c0e41da663fe06f58580f3305e433ddbeaba01e.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:1884

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1884-0-0x00000000007E0000-0x00000000007E1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1884-1-0x0000000002910000-0x000000000299B000-memory.dmp

          Filesize

          556KB

          Download

        • memory/1884-2-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download

        • memory/1884-3-0x0000000000400000-0x0000000000525000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/1884-4-0x0000000000400000-0x0000000000525000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/1884-7-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download