Analysis

  • max time kernel
    51s
  • max time network
    54s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-06-2024 09:54

General

  • Target

    aff2404526c313ebd8edcb6e7cad952281e47a86b2de6dcaf12b23ab31a819fd.exe

  • Size

    1.2MB

  • MD5

    30e283534eceae3e4419a81214958d6b

  • SHA1

    b1dbf233327f8ce6d42be1c9864869708b35eba5

  • SHA256

    aff2404526c313ebd8edcb6e7cad952281e47a86b2de6dcaf12b23ab31a819fd

  • SHA512

    0adb381c2c52ff4b1cf199b3c7c0eacb15e5b3506e0958544af5ad1549a041325d5b13cbc7a44e0b3b98da214b2b4437cde87224dc5b8d6bb366fdcbcd4db908

  • SSDEEP

    24576:fn+kUERV2SQP2gggg8oGhPnX4pz/ZFoR83j4e461N6Ia:/DBRBgggg8JnX4pz4u30e4s6Ia

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\aff2404526c313ebd8edcb6e7cad952281e47a86b2de6dcaf12b23ab31a819fd.exe
    "C:\Users\Admin\AppData\Local\Temp\aff2404526c313ebd8edcb6e7cad952281e47a86b2de6dcaf12b23ab31a819fd.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:2816

Network

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Replay Monitor

Loading Replay Monitor...

Downloads