Analysis Overview
SHA256
34214083ce60696dc171d58c3152856c1a0eb661a4741e22a340bdd52258b130
Threat Level: Shows suspicious behavior
The file 34214083ce60696dc171d58c3152856c1a0eb661a4741e22a340bdd52258b130 was found to be: Shows suspicious behavior.
Malicious Activity Summary
Writes to the Master Boot Record (MBR)
Unsigned PE
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-12 22:41
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-12 22:41
Reported
2024-06-12 22:43
Platform
win7-20240611-en
Max time kernel
88s
Max time network
93s
Command Line
Signatures
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PHYSICALDRIVE0 | C:\Users\Admin\AppData\Local\Temp\34214083ce60696dc171d58c3152856c1a0eb661a4741e22a340bdd52258b130.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\34214083ce60696dc171d58c3152856c1a0eb661a4741e22a340bdd52258b130.exe
"C:\Users\Admin\AppData\Local\Temp\34214083ce60696dc171d58c3152856c1a0eb661a4741e22a340bdd52258b130.exe"
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x1
Network
Files
memory/1976-0-0x0000000002980000-0x0000000002981000-memory.dmp
memory/2460-1-0x00000000026E0000-0x00000000026E1000-memory.dmp