General

  • Target

    boost-fps.exe

  • Size

    1.3MB

  • Sample

    210524-6fqz74gv9j

  • MD5

    92fc1129af30ba08a79113624f51bcb7

  • SHA1

    b68388c46a78d262fcdedbaea09372785fb6786c

  • SHA256

    121dec5bd279daf16e683e472949a269bb9751d6ceae4274875e36abe8871946

  • SHA512

    3c1b7f326e717e0ed6cc435647598ec37ce0c2b90a942317f8d4b2c2ac8d3bd4f6c94ec86ad5af4ded8bf31a25485590b03549e0cd5e3509308e04e066efc12c

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

Execution

  • Scheduled Task (T1053): 1

Persistence

  • Scheduled Task (T1053): 1

Privilege Escalation

  • Scheduled Task (T1053): 1

Discovery

  • Query Registry (T1012): 2

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 2

Tasks