Overview
overview
8Static
static
Process La...er.exe
windows7-x64
1Process La...er.exe
windows10-2004-x64
1Process La...ts.exe
windows7-x64
1Process La...ts.exe
windows10-2004-x64
1Process La...er.exe
windows7-x64
1Process La...er.exe
windows10-2004-x64
1Process La...er.exe
windows7-x64
1Process La...er.exe
windows10-2004-x64
1Process La...or.exe
windows7-x64
1Process La...or.exe
windows10-2004-x64
1Process La...so.exe
windows7-x64
3Process La...so.exe
windows10-2004-x64
3Process La...er.exe
windows7-x64
3Process La...er.exe
windows10-2004-x64
7Process La...de.exe
windows7-x64
8Process La...de.exe
windows10-2004-x64
8Process La...er.exe
windows7-x64
1Process La...er.exe
windows10-2004-x64
1Process La...er.exe
windows7-x64
1Process La...er.exe
windows10-2004-x64
1Process La...ms.exe
windows7-x64
1Process La...ms.exe
windows10-2004-x64
1Process La...nt.exe
windows7-x64
1Process La...nt.exe
windows10-2004-x64
1Process La...pl.cmd
windows7-x64
8Process La...pl.cmd
windows10-2004-x64
8Process La...an.dll
windows7-x64
1Process La...an.dll
windows10-2004-x64
1Process La...se.dll
windows7-x64
1Process La...se.dll
windows10-2004-x64
1Process La...al.dll
windows7-x64
1Process La...al.dll
windows10-2004-x64
1Analysis
-
max time kernel
154s -
max time network
160s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system -
submitted
14-10-2022 14:47
Static task
static1
Behavioral task
behavioral1
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/CPUEater.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/CPUEater.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/Insights.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral4
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/Insights.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/InstallHelper.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral6
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/InstallHelper.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/LogViewer.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral8
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/LogViewer.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ProcessGovernor.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral10
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ProcessGovernor.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ProcessLasso.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral12
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ProcessLasso.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ProcessLassoLauncher.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral14
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ProcessLassoLauncher.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/QuickUpgrade.exe
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral16
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/QuickUpgrade.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ThreadRacer.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral18
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/ThreadRacer.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/TweakScheduler.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral20
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/TweakScheduler.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/bitsumms.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral22
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/bitsumms.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/bitsumsessionagent.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral24
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/bitsumsessionagent.exe
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl.cmd
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral26
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl.cmd
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl_rsrc_bulgarian.dll
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral28
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl_rsrc_bulgarian.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl_rsrc_chinese.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral30
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl_rsrc_chinese.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl_rsrc_chinese_traditional.dll
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral32
Sample
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/pl_rsrc_chinese_traditional.dll
Resource
win10v2004-20220812-en
windows10-2004-x64
General
-
Target
Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)/App/ProcessLasso/CPUEater.exe
-
Size
449KB
-
MD5
146665a213383d13cd300b2067e7a9ff
-
SHA1
25e07a7f28222e03b3d3ce08cfe0c27ea904e52f
-
SHA256
19d86baade0e81095512e381c9335117d89d615740a0fc9e4f2da6cc3a165cd7
-
SHA512
2db64769f55104830fae824fbad697c22e82ac7291fcc733a3bd8024ad7726d21b3ca6c5444d7291f80aaaafd81951a956c4727c28607f179df46090e3e6a01b
-
SSDEEP
6144:ERCR8YcDwTQxnRF8bQ3IbZme4m76hbS0+yHPvi6AOuJUMMhL91A:ERCRPinRNIbZme4G6h7XFCSh1A
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 CPUEater.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString CPUEater.exe -
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe 2764 CPUEater.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)\App\ProcessLasso\CPUEater.exe"C:\Users\Admin\AppData\Local\Temp\Process Lasso 11.1.1.26 #soft8 病毒 0 (111.10.14)\App\ProcessLasso\CPUEater.exe"1⤵
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
PID:2764