Overview

overview

6

Static

static

3

cryptolaemus

windows10-2004-x64

6

cryptolaemus

windows11-21h2-x64

6

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240611-en
  • resource tags

    arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    16/06/2024, 22:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7a4a50031176261042fb264037a5a4d7001b1b35eaed76742e4285e530c79e20.exe

  • Size

    636KB

  • MD5

    2b1fbae54b0b4c8a075f7534bc362c66

  • SHA1

    f3c7cbcbde22f374364f7279e4fda5d9ab75327f

  • SHA256

    7a4a50031176261042fb264037a5a4d7001b1b35eaed76742e4285e530c79e20

  • SHA512

    c8c3af64e00edb7692d8053450ed2974769f14c795242d65f1d18479b514bbe7999719f5dc0d6b4b58cdc886438bac823553d81cb65df1843c40f38c6b382000

  • SSDEEP

    12288:jgalLWTnoNPi1PLegCu5tXVOKw9UWstOPlHODgSEEoFm7:hZanfjeru5tXyUWsYPlHOTEE9

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a4a50031176261042fb264037a5a4d7001b1b35eaed76742e4285e530c79e20.exe
    "C:\Users\Admin\AppData\Local\Temp\7a4a50031176261042fb264037a5a4d7001b1b35eaed76742e4285e530c79e20.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:4928

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4928-1-0x00000000025E0000-0x00000000026E0000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4928-2-0x00000000040F0000-0x000000000415B000-memory.dmp

          Filesize

          428KB

          Download

        • memory/4928-3-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download

        • memory/4928-4-0x0000000000400000-0x00000000023BB000-memory.dmp

          Filesize

          31.7MB

          Download

        • memory/4928-5-0x0000000000400000-0x00000000023BB000-memory.dmp

          Filesize

          31.7MB

          Download

        • memory/4928-6-0x00000000025E0000-0x00000000026E0000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/4928-8-0x00000000040F0000-0x000000000415B000-memory.dmp

          Filesize

          428KB

          Download

        • memory/4928-9-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download