Overview

overview

7

Static

static

1

Geekbench-...up.exe

windows10-2004-x64

7

Resubmissions

25-03-2023 06:42

230325-hgjfjabe55 7

25-03-2023 06:08

230325-gwdm6abd89 7

25-03-2023 05:23

230325-f3nk9sbc99 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Geekbench-6.0.1-WindowsSetup.exe

  • Size

    254MB

  • Sample

    230325-f3nk9sbc99

  • MD5

    ee547dc6a9e4321d52188c2941f48eee

  • SHA1

    533755a280a0fddcc3d52d3a66d00d9f83a263ea

  • SHA256

    6a0abd8c583a6c924103f93c6e32c112d05c858db9644dc343a41984b2ee9686

  • SHA512

    2c1d422686b0312b971f74c990d604b456dcce5c6ac3169e4b19c617552fc9ebeae17b01e70fdb760a7b5af299734243e967c63a9843fe554831688ff972e9e6

  • SSDEEP

    6291456:jLxHNDnucDaMUqyTDNe2MOa242eBDrs7geBpmuyAvX3:ZHpnuVMUd/3MOa4eBAlBzl

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      Geekbench-6.0.1-WindowsSetup.exe

    • Size

      254MB

    • MD5

      ee547dc6a9e4321d52188c2941f48eee

    • SHA1

      533755a280a0fddcc3d52d3a66d00d9f83a263ea

    • SHA256

      6a0abd8c583a6c924103f93c6e32c112d05c858db9644dc343a41984b2ee9686

    • SHA512

      2c1d422686b0312b971f74c990d604b456dcce5c6ac3169e4b19c617552fc9ebeae17b01e70fdb760a7b5af299734243e967c63a9843fe554831688ff972e9e6

    • SSDEEP

      6291456:jLxHNDnucDaMUqyTDNe2MOa242eBDrs7geBpmuyAvX3:ZHpnuVMUd/3MOa4eBAlBzl

    Score
    7/10
    bootkitdiscoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

1
T1112

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Peripheral Device Discovery

1
T1120

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Bootkit

1
T1067

Privilege Escalation

Tasks