6cce0075ba02e8021bbfd924f2c4d9e48b61d6dd877a42a9f465859fcab5d465

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
17-06-2024 05:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6cce0075ba02e8021bbfd924f2c4d9e48b61d6dd877a42a9f465859fcab5d465.exe
Size

621KB
MD5

4a49dad85313f9ec2e0d555a1ac3c662
SHA1

6d84a3c1ef6acf6bd296c92b1769ff6a48c31d78
SHA256

6cce0075ba02e8021bbfd924f2c4d9e48b61d6dd877a42a9f465859fcab5d465
SHA512

81fde092b970269f4d06243590b5a96d3a3b1bfdf8286a9f4948077aed71a9ea6b786620e2457dc99d5dc2ff017269609cbf566d2daf6fdceb77a549c5593765
SSDEEP

12288:9W69s10BAtrVOXgXQprI/wSF7YGPmOwjZ44HrN+PwB5/8:469s10qF4QXkrIjcGPmO+ZlrYm5U

Score

6^/10

bootkit persistence

Malware Config

Signatures

Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

Bootkits write to the MBR to gain persistence at a level below the operating system.

bootkit persistence

Bootkit

T1542.003

description	ioc	Process
File opened for modification	\??\PHYSICALDRIVE0	6cce0075ba02e8021bbfd924f2c4d9e48b61d6dd877a42a9f465859fcab5d465.exe

C:\Users\Admin\AppData\Local\Temp\6cce0075ba02e8021bbfd924f2c4d9e48b61d6dd877a42a9f465859fcab5d465.exe
"C:\Users\Admin\AppData\Local\Temp\6cce0075ba02e8021bbfd924f2c4d9e48b61d6dd877a42a9f465859fcab5d465.exe"
1⤵
- Writes to the Master Boot Record (MBR)
PID:2932

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2932-1-0x00000000005A0000-0x00000000006A0000-memory.dmp

Filesize
1024KB

Download
memory/2932-2-0x0000000000770000-0x00000000007DB000-memory.dmp

Filesize
428KB

Download
memory/2932-3-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/2932-4-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/2932-5-0x0000000000400000-0x00000000004AB000-memory.dmp

Filesize
684KB

Download
memory/2932-7-0x00000000005A0000-0x00000000006A0000-memory.dmp

Filesize
1024KB

Download
memory/2932-8-0x0000000000770000-0x00000000007DB000-memory.dmp

Filesize
428KB

Download
memory/2932-9-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads