Overview

overview

7

Static

static

1

cpu-z_2.04-cn.exe

windows7-x64

7

cpu-z_2.04-cn.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cpu-z_2.04-cn.exe

  • Size

    2.1MB

  • Sample

    230331-lr2lmsaf4x

  • MD5

    c6991216bb74a500d66446f4b8f73f8f

  • SHA1

    6a7cdaa8877cb4ecfde6a61621f647ee846cce8a

  • SHA256

    57d8256a6c6a510470583bba4569269b7125e131c17dca0954c09261f4cae042

  • SHA512

    562df759cc324e2cb25acbd856bbe0c61045909a45cede4bfa4a1b8a21e95c85440f987f5e3dcf9b165bf4175fa4ee89062a227ad8eb051f1df723f211b24ec3

  • SSDEEP

    49152:SyhgH6UQ/t5Jr/zrkQDXFmmuEcXB3cgvBBTPcw0Lj11am:D+H6UQV5JrLFbFmmunXt3zETLj11Z

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      cpu-z_2.04-cn.exe

    • Size

      2.1MB

    • MD5

      c6991216bb74a500d66446f4b8f73f8f

    • SHA1

      6a7cdaa8877cb4ecfde6a61621f647ee846cce8a

    • SHA256

      57d8256a6c6a510470583bba4569269b7125e131c17dca0954c09261f4cae042

    • SHA512

      562df759cc324e2cb25acbd856bbe0c61045909a45cede4bfa4a1b8a21e95c85440f987f5e3dcf9b165bf4175fa4ee89062a227ad8eb051f1df723f211b24ec3

    • SSDEEP

      49152:SyhgH6UQ/t5Jr/zrkQDXFmmuEcXB3cgvBBTPcw0Lj11am:D+H6UQV5JrLFbFmmunXt3zETLj11Z

    Score
    7/10
    bootkitdiscoverypersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks