Resubmissions

  • 06-04-2023 01:50: 230406-b9gzvacg41 (score 7)

  • 06-04-2023 01:46: 230406-b6yhesag32 (score 1)

  • 06-04-2023 01:43: 230406-b5fafscg21 (score 7)

General

  • Target

    cpu-z_2.02-en.zip

  • Size

    3.2MB

  • Sample

    230406-b5fafscg21

  • MD5

    4e77c4675b66d83db51355cad19753b6

  • SHA1

    f4813aa093af1f4576aaa9710e65aa31eccdf85d

  • SHA256

    aba13ee2b163797ca82f78af6c35a6e3ee63c660316814b9efe4d40763129283

  • SHA512

    2307f3911f3775034c4073869b672f50ef3ff33f90d6aa5d1c6a964f8298d926bffd483bf3c7855646a8d18391cd1b582d89d74f50c40cf8cf24c37b00bd74f2

  • SSDEEP

    98304:9rjRdGto3Cx7uy4awD5popmgUNEf/c8H+fEJGb:VjvHCx7Y7D5apm1Ef/rZGb

Score
7/10

Malware Config

Targets

    • Target

      cpuz_x64.exe

    • Size

      4.4MB

    • MD5

      052bbb4cf1736d4375cb9d33c6716f59

    • SHA1

      a2245821a0a676b83ed42b0cbe504bf863f2fef8

    • SHA256

      b617f63ba7afd4cdab95215bb48c7829311ef6226053ffe23f088e07068fed05

    • SHA512

      385df99203bc7c424ad7d9a5f1b9b41ee2cb495383e51e76739e9b14a2a05124ad102583c77ad789fb1da3da19c9e4ce004eb4495bdd2bac6df977930ec4a4ff

    • SSDEEP

      49152:TbH6EAnJD3G28reHVRYjE3TPnXELpItLc8aOm7s+TgC:TKnJD2etnXu427hTg

    Score
    7/10

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Bootkit (T1067): 1

  • Discovery

    Query Registry (T1012): 1

    System Information Discovery (T1082): 2

Tasks