Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    12-06-2024 11:56

General

  • Target

    ec80a54e5532f2e9ebd5bf9dc533a03637e36b2678680fe11404fc70c1aa40da.exe

  • Size

    219KB

  • MD5

    05557a48ced3340c7cedceb4c768e1a7

  • SHA1

    16e9d9d5f04cea324bfe6ea893a327588b61437c

  • SHA256

    ec80a54e5532f2e9ebd5bf9dc533a03637e36b2678680fe11404fc70c1aa40da

  • SHA512

    f38b02d48a5b7584b2107b355346ca0c8460c20dc71142cf409a60220a02dfb56e6b68925ba0bd924027c3f9a0482bcbe1216feb2e307384c4992408dafe93df

  • SSDEEP

    3072:n2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhdK0KB:n0KgGwHqwOOELha+sm2D2+UhngNnK4Qt

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\ec80a54e5532f2e9ebd5bf9dc533a03637e36b2678680fe11404fc70c1aa40da.exe
    "C:\Users\Admin\AppData\Local\Temp\ec80a54e5532f2e9ebd5bf9dc533a03637e36b2678680fe11404fc70c1aa40da.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:3068

Network

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Replay Monitor

Loading Replay Monitor...

Downloads