Analysis Overview
SHA256
21aa744c6b0098c52e2d314f48c9f437aae60ee15b581d34c36bf18a1bd9955f
Threat Level: Shows suspicious behavior
The file run.vbs was found to be: Shows suspicious behavior.
Malicious Activity Summary
Writes to the Master Boot Record (MBR)
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-20 11:09
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-20 11:09
Reported
2024-06-20 11:11
Platform
win10v2004-20240508-en
Max time kernel
147s
Max time network
157s
Command Line
Signatures
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Windows\System32\WScript.exe | N/A |
Processes
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\run.vbs"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
Files
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-20 11:09
Reported
2024-06-20 11:11
Platform
win7-20240220-en
Max time kernel
121s
Max time network
122s
Command Line
Signatures
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Windows\System32\WScript.exe | N/A |
Processes
C:\Windows\System32\WScript.exe
"C:\Windows\System32\WScript.exe" "C:\Users\Admin\AppData\Local\Temp\run.vbs"