Analysis

  • max time kernel
    70s
  • max time network
    75s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-06-2024 12:50

General

  • Target

    71299a484d71752fd0e1dfaad70a18237f31e516d29d1d3466fae93437f12f39.exe

  • Size

    212KB

  • MD5

    d577512bcc91096f2185b4f2d44461db

  • SHA1

    a8acdfc8e92b90e7bd4fd347bad465be32b02455

  • SHA256

    71299a484d71752fd0e1dfaad70a18237f31e516d29d1d3466fae93437f12f39

  • SHA512

    1058f7f42981de880a8b0cf7580561f8af3e068735a4336b69d4f1d525fd79bdbb9f9420212d2257f31f1f959fe7e218520643df9b321317411c6665eab48761

  • SSDEEP

    3072:csmIwp0Lr0cZMHeBw4kQkFAe5sWkn0VEqj+KHy+pDyXtLAcjaK7PuENhVPW0cokO:cGwqAHAw49UsWknOEqiJ+AXD7PPW0fdv

Score
6/10

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

Processes

  • C:\Users\Admin\AppData\Local\Temp\71299a484d71752fd0e1dfaad70a18237f31e516d29d1d3466fae93437f12f39.exe
    "C:\Users\Admin\AppData\Local\Temp\71299a484d71752fd0e1dfaad70a18237f31e516d29d1d3466fae93437f12f39.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:3924

Network

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Replay Monitor

Loading Replay Monitor...

Downloads