Overview

overview

6

Static

static

3

cryptolaemus

windows10-2004-x64

6

cryptolaemus

windows11-21h2-x64

6

Analysis

  • max time kernel
    142s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/07/2024, 13:43

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2ad6eb808aebbc14feded16b09bc6fc6305bc8a4cedd7f3bfde24fb01979ae94.exe

  • Size

    592KB

  • MD5

    d2009456b4fe33a3b1bb26fbe7b01391

  • SHA1

    2e8415ce3424f56fea0d2904349888b1356b1bc0

  • SHA256

    2ad6eb808aebbc14feded16b09bc6fc6305bc8a4cedd7f3bfde24fb01979ae94

  • SHA512

    a89ba7cbc8ed92f0bea403b78d0dd7d9c416f880dfdba662c1f4ecea11d52ecdb2a0ae717143a748151f6db77ea1bcf6ffe3fde1189e3e826233f94291789728

  • SSDEEP

    6144:qY/tYLhsbwFndRgxRDH67HMRvyQGJMKJO18hl0/aPtyx1sRaUyr0zQVabw:/yLh0wFnHiVGs6QGJ5Hl0Qt6FrMQVB

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\2ad6eb808aebbc14feded16b09bc6fc6305bc8a4cedd7f3bfde24fb01979ae94.exe
    "C:\Users\Admin\AppData\Local\Temp\2ad6eb808aebbc14feded16b09bc6fc6305bc8a4cedd7f3bfde24fb01979ae94.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    PID:3048

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/3048-1-0x0000000002550000-0x0000000002650000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/3048-2-0x0000000004210000-0x000000000427B000-memory.dmp

          Filesize

          428KB

          Download

        • memory/3048-3-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download

        • memory/3048-4-0x0000000000400000-0x00000000024AD000-memory.dmp

          Filesize

          32.7MB

          Download

        • memory/3048-5-0x0000000000400000-0x00000000024AD000-memory.dmp

          Filesize

          32.7MB

          Download

        • memory/3048-7-0x0000000002550000-0x0000000002650000-memory.dmp

          Filesize

          1024KB

          Download

        • memory/3048-8-0x0000000004210000-0x000000000427B000-memory.dmp

          Filesize

          428KB

          Download

        • memory/3048-9-0x0000000000400000-0x000000000046F000-memory.dmp

          Filesize

          444KB

          Download