Analysis

  • max time kernel
    70s
  • max time network
    74s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-06-2024 10:36

General

  • Target

    40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3.exe

  • Size

    219KB

  • MD5

    f8476f12f15f6cb59af40de54e904a93

  • SHA1

    4256ad25778fc0b7bb7dcfc540e35c212a296bc3

  • SHA256

    40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3

  • SHA512

    516b2f7808cd1cc17ce16b685093c0ab219ac91da23afb8ec6dcb9a7045e488bda1a833f76d03d569a909ca0a335198aa12357af4ef2527b011d9b1826249fdd

  • SSDEEP

    3072:X2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhYK0Kx:X0KgGwHqwOOELha+sm2D2+UhngNeK4f4

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3.exe
    "C:\Users\Admin\AppData\Local\Temp\40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:3164

Network

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Replay Monitor

Loading Replay Monitor...

Downloads