6a0abd8c583a6c924103f93c6e32c112d05c858db9644dc343a41984b2ee9686 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

Geekbench-...up.exe

windows10-2004-x64

7

Resubmissions

25-03-2023 06:42

230325-hgjfjabe55 7

25-03-2023 06:08

230325-gwdm6abd89 7

25-03-2023 05:23

230325-f3nk9sbc99 7

Sharing

General

Target

Geekbench-6.0.1-WindowsSetup.exe
Size

254.6MB
Sample

230325-gwdm6abd89
MD5

ee547dc6a9e4321d52188c2941f48eee
SHA1

533755a280a0fddcc3d52d3a66d00d9f83a263ea
SHA256

6a0abd8c583a6c924103f93c6e32c112d05c858db9644dc343a41984b2ee9686
SHA512

2c1d422686b0312b971f74c990d604b456dcce5c6ac3169e4b19c617552fc9ebeae17b01e70fdb760a7b5af299734243e967c63a9843fe554831688ff972e9e6
SSDEEP

6291456:jLxHNDnucDaMUqyTDNe2MOa242eBDrs7geBpmuyAvX3:ZHpnuVMUd/3MOa4eBAlBzl

Score

7^/10

bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Geekbench-6.0.1-WindowsSetup.exe

Resource

win10v2004-20230220-en

bootkit discovery persistence

windows10-2004-x64

14 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Geekbench-6.0.1-WindowsSetup.exe
- Size
  
  254.6MB
- MD5
  
  ee547dc6a9e4321d52188c2941f48eee
- SHA1
  
  533755a280a0fddcc3d52d3a66d00d9f83a263ea
- SHA256
  
  6a0abd8c583a6c924103f93c6e32c112d05c858db9644dc343a41984b2ee9686
- SHA512
  
  2c1d422686b0312b971f74c990d604b456dcce5c6ac3169e4b19c617552fc9ebeae17b01e70fdb760a7b5af299734243e967c63a9843fe554831688ff972e9e6
- SSDEEP
  
  6291456:jLxHNDnucDaMUqyTDNe2MOa242eBDrs7geBpmuyAvX3:ZHpnuVMUd/3MOa4eBAlBzl
Score

7^/10

bootkit discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

© 2018-2024

Terms | Privacy