Analysis
- max time kernel: 147s
- max time network: 150s
- platform: windows10-2004_x64
- resource: win10v2004-20240508-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 14-06-2024 23:06
Static task: static1
Behavioral task: behavioral1
- Sample: 0d1a5c39dea3d740f63664dfca5219d4ecf06f6dcf03821fbbe7a1df222e63c9.exe
- Resource: win10v2004-20240508-en
Behavioral task: behavioral2
- Sample: 0d1a5c39dea3d740f63664dfca5219d4ecf06f6dcf03821fbbe7a1df222e63c9.exe
- Resource: win11-20240611-en
General
- Target: 0d1a5c39dea3d740f63664dfca5219d4ecf06f6dcf03821fbbe7a1df222e63c9.exe
- Size: 613KB
- MD5: 43fabf19a2fbd73f2948d3eebff56439
- SHA1: be863b1eedfeb7d0238a182fd8dad7901e72bb13
- SHA256: 0d1a5c39dea3d740f63664dfca5219d4ecf06f6dcf03821fbbe7a1df222e63c9
- SHA512: db7f5075f11d4dbd18d7de3c22a43b578692d542412681667c90786f78dc36e5a7416e3ff3780dc638600623fabd273e3c15dcd1b11204d91cc29996e54c1c8f
- SSDEEP: 12288:5wsr4w8+A7edi7xtG56RxOEO0kwY0twCruIx:5mGceoxt68OEQd0yCruIx
Malware Config
Signatures
- Writes to the Master Boot Record (MBR) (1 TTPs, 1 IoCs)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Processes: 0d1a5c39dea3d740f63664dfca5219d4ecf06f6dcf03821fbbe7a1df222e63c9.exe
- description: File opened for modification
- ioc: \??\PHYSICALDRIVE0
- process: 0d1a5c39dea3d740f63664dfca5219d4ecf06f6dcf03821fbbe7a1df222e63c9.exe
Processes
Network
MITRE ATT&CK Matrix ATT&CK v13
Downloads
- memory/4528-1-0x0000000000550000-0x0000000000650000-memory.dmp (Filesize: 1024KB)
- memory/4528-2-0x0000000000820000-0x000000000088B000-memory.dmp (Filesize: 428KB)
- memory/4528-3-0x0000000000400000-0x000000000046F000-memory.dmp (Filesize: 444KB)
- memory/4528-4-0x0000000000400000-0x00000000004AA000-memory.dmp (Filesize: 680KB)
- memory/4528-5-0x0000000000400000-0x00000000004AA000-memory.dmp (Filesize: 680KB)
- memory/4528-6-0x0000000000550000-0x0000000000650000-memory.dmp (Filesize: 1024KB)
- memory/4528-8-0x0000000000820000-0x000000000088B000-memory.dmp (Filesize: 428KB)
- memory/4528-9-0x0000000000400000-0x000000000046F000-memory.dmp (Filesize: 444KB)