General
-
Target
cpu-z_2.02-en.zip
-
Size
3.2MB
-
Sample
230406-b9gzvacg41
-
MD5
4e77c4675b66d83db51355cad19753b6
-
SHA1
f4813aa093af1f4576aaa9710e65aa31eccdf85d
-
SHA256
aba13ee2b163797ca82f78af6c35a6e3ee63c660316814b9efe4d40763129283
-
SHA512
2307f3911f3775034c4073869b672f50ef3ff33f90d6aa5d1c6a964f8298d926bffd483bf3c7855646a8d18391cd1b582d89d74f50c40cf8cf24c37b00bd74f2
-
SSDEEP
98304:9rjRdGto3Cx7uy4awD5popmgUNEf/c8H+fEJGb:VjvHCx7Y7D5apm1Ef/rZGb
Static task
static1
Behavioral task
behavioral1
Sample
cpuz.ini
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
cpuz.ini
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
cpuz_x64.exe
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
cpuz_x64.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
cpuz.ini
-
Size
528B
-
MD5
4b4a459f630652c3e7012d0ea865e297
-
SHA1
2c1354a2b2d91aa2e8ebca9d5f504dd0ef557236
-
SHA256
125d85b819da20e776a417b58b44126bac3b1150fb993009d879de869fd79497
-
SHA512
63791d1947335fd7db9b661a0a72306643986506f0e6165b8d10d5440596da4b5925ddc8f5f35bf4f882692b06a3b16ddf65dfc6e21c964bbd6237822cfefbfa
Score
5/10
-
Drops file in System32 directory
-
-
Target
cpuz_x64.exe
-
Size
4.4MB
-
MD5
052bbb4cf1736d4375cb9d33c6716f59
-
SHA1
a2245821a0a676b83ed42b0cbe504bf863f2fef8
-
SHA256
b617f63ba7afd4cdab95215bb48c7829311ef6226053ffe23f088e07068fed05
-
SHA512
385df99203bc7c424ad7d9a5f1b9b41ee2cb495383e51e76739e9b14a2a05124ad102583c77ad789fb1da3da19c9e4ce004eb4495bdd2bac6df977930ec4a4ff
-
SSDEEP
49152:TbH6EAnJD3G28reHVRYjE3TPnXELpItLc8aOm7s+TgC:TKnJD2etnXu427hTg
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-