Overview
overview
9Static
static
3FPS Boost ...nt.lnk
windows7-x64
3FPS Boost ...nt.lnk
windows10-2004-x64
7FPS Boost ...pp.exe
windows7-x64
1FPS Boost ...pp.exe
windows10-2004-x64
1FPS Boost ...ed.lnk
windows7-x64
3FPS Boost ...ed.lnk
windows10-2004-x64
3FPS Boost ...e).cmd
windows7-x64
1FPS Boost ...e).cmd
windows10-2004-x64
1FPS Boost ...es.cmd
windows7-x64
7FPS Boost ...es.cmd
windows10-2004-x64
7FPS Boost ...es.cmd
windows7-x64
7FPS Boost ...es.cmd
windows10-2004-x64
1FPS Boost ...ET.cmd
windows7-x64
9FPS Boost ...ET.cmd
windows10-2004-x64
9FPS Boost ...ks.bat
windows7-x64
1FPS Boost ...ks.bat
windows10-2004-x64
1FPS Boost ...ks.bat
windows7-x64
1FPS Boost ...ks.bat
windows10-2004-x64
1FPS Boost ...or.exe
windows7-x64
1FPS Boost ...or.exe
windows10-2004-x64
1FPS Boost ...er.exe
windows7-x64
3FPS Boost ...er.exe
windows10-2004-x64
3FPS Boost ...ks.bat
windows7-x64
1FPS Boost ...ks.bat
windows10-2004-x64
1FPS Boost ...ks.bat
windows7-x64
1FPS Boost ...ks.bat
windows10-2004-x64
1FPS Boost ....8.exe
windows7-x64
1FPS Boost ....8.exe
windows10-2004-x64
1FPS Boost ...gs.bat
windows7-x64
1FPS Boost ...gs.bat
windows10-2004-x64
1FPS Boost ...rs.ps1
windows7-x64
1FPS Boost ...rs.ps1
windows10-2004-x64
1Analysis
-
max time kernel
120s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
06/04/2024, 08:42
Static task
static1
Behavioral task
behavioral1
Sample
FPS Boost Pack/0 Start/!MAKE A Restore Point.lnk
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
FPS Boost Pack/0 Start/!MAKE A Restore Point.lnk
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
FPS Boost Pack/0 Start/1 Uncheck any unwanted startup app.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral4
Sample
FPS Boost Pack/0 Start/1 Uncheck any unwanted startup app.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
FPS Boost Pack/0 Start/2 Uninstall Apps You Don_t Need.lnk
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral6
Sample
FPS Boost Pack/0 Start/2 Uninstall Apps You Don_t Need.lnk
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
FPS Boost Pack/Batch Optimizations/Clear DNS Cache (Ping Improve).cmd
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral8
Sample
FPS Boost Pack/Batch Optimizations/Clear DNS Cache (Ping Improve).cmd
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
FPS Boost Pack/Batch Optimizations/Delete Log Files.cmd
Resource
win7-20240319-en
windows7-x64
Behavioral task
behavioral10
Sample
FPS Boost Pack/Batch Optimizations/Delete Log Files.cmd
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
FPS Boost Pack/Batch Optimizations/Delete Temporary Files.cmd
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral12
Sample
FPS Boost Pack/Batch Optimizations/Delete Temporary Files.cmd
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
FPS Boost Pack/Batch Optimizations/Disable HPET.cmd
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral14
Sample
FPS Boost Pack/Batch Optimizations/Disable HPET.cmd
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
FPS Boost Pack/BcdEdit Tweaks/Latency BCD Tweaks.bat
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral16
Sample
FPS Boost Pack/BcdEdit Tweaks/Latency BCD Tweaks.bat
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
FPS Boost Pack/Gpu (Nvidia only)/Hidden Reg Tweaks/Advanced Hidden Nvidia Gpu Tweaks.bat
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral18
Sample
FPS Boost Pack/Gpu (Nvidia only)/Hidden Reg Tweaks/Advanced Hidden Nvidia Gpu Tweaks.bat
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
FPS Boost Pack/Gpu (Nvidia only)/Nvidia Profile Inspector/!NvidiaProfileInspector.exe
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral20
Sample
FPS Boost Pack/Gpu (Nvidia only)/Nvidia Profile Inspector/!NvidiaProfileInspector.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
FPS Boost Pack/Network/1 DnsJumper.exe
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
FPS Boost Pack/Network/1 DnsJumper.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
FPS Boost Pack/Network/2 Network Tweaks.bat
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral24
Sample
FPS Boost Pack/Network/2 Network Tweaks.bat
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
FPS Boost Pack/Registry Tweaks/1 ABDO registry tweaks/85+ Registry Tweaks.bat
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral26
Sample
FPS Boost Pack/Registry Tweaks/1 ABDO registry tweaks/85+ Registry Tweaks.bat
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
FPS Boost Pack/Windows Optimizations/Ultimate Windows Tweaker 4.8.exe
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral28
Sample
FPS Boost Pack/Windows Optimizations/Ultimate Windows Tweaker 4.8.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
FPS Boost Pack/Windows Settings/Windows Settings.bat
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral30
Sample
FPS Boost Pack/Windows Settings/Windows Settings.bat
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
FPS Boost Pack/Windows10Debloater-master/Individual Scripts/Clear Last Used Files and Folders.ps1
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral32
Sample
FPS Boost Pack/Windows10Debloater-master/Individual Scripts/Clear Last Used Files and Folders.ps1
Resource
win10v2004-20240319-en
windows10-2004-x64
General
-
Target
FPS Boost Pack/Batch Optimizations/Disable HPET.cmd
-
Size
281B
-
MD5
66bef50ad05530603269559082ca9237
-
SHA1
b3ecd788acaf8a53f63f6e3a5368db80a1735c7f
-
SHA256
9ba48d6db5fe00c33b4a22a9f0590cbb2746eced74ab0f98233852ac43897b8d
-
SHA512
fcf6171f506f32241ed0a94107c3055bcdfc7397aa4155739aa131236b48f9aac4522214598985e28c1480764fb6f57d50f5cd65aaa83e78c630b64533da06e9
Malware Config
Signatures
-
Modifies boot configuration data using bcdedit 3 IoCs
pid Process 2772 bcdedit.exe 2116 bcdedit.exe 2520 bcdedit.exe -
Suspicious use of WriteProcessMemory 9 IoCs
description pid Process procid_target PID 1612 wrote to memory of 2772 1612 cmd.exe 29 PID 1612 wrote to memory of 2772 1612 cmd.exe 29 PID 1612 wrote to memory of 2772 1612 cmd.exe 29 PID 1612 wrote to memory of 2116 1612 cmd.exe 30 PID 1612 wrote to memory of 2116 1612 cmd.exe 30 PID 1612 wrote to memory of 2116 1612 cmd.exe 30 PID 1612 wrote to memory of 2520 1612 cmd.exe 31 PID 1612 wrote to memory of 2520 1612 cmd.exe 31 PID 1612 wrote to memory of 2520 1612 cmd.exe 31
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\FPS Boost Pack\Batch Optimizations\Disable HPET.cmd"1⤵
- Suspicious use of WriteProcessMemory
PID:1612 -
C:\Windows\system32\bcdedit.exebcdedit /deletevalue useplatformclock2⤵
- Modifies boot configuration data using bcdedit
PID:2772
-
-
C:\Windows\system32\bcdedit.exebcdedit /set disabledynamictick yes2⤵
- Modifies boot configuration data using bcdedit
PID:2116
-
-
C:\Windows\system32\bcdedit.exebcdedit /set useplatformtick yes2⤵
- Modifies boot configuration data using bcdedit
PID:2520
-