General
Target: CPU-Z-v2.09.0-CN.exe
Size: 1.7MB
Sample: 240420-n488csgh21
MD5: 2d996f7868c3fb0383942eeed07dae55
SHA1: aac00b639704a3d0cc7d0237b0e632cf61c7d999
SHA256: 5759d8a927e8a4fb89864a6458066b44f3f6473330b64ffb11cea36d787e5817
SHA512: 7fa87d28c01ca8155ef934aa347def38f7a8ce5b2b540641a757cc3334ed897eac93f8915cf9b9bce0a6c59b930dcfe23a5b695df88e0c16e6331ab303c1024f
SSDEEP: 49152:ogwRiSwujx1x9d8ug+iRj0XFGEVRlgmy/VV:ogwRituP18JCHRcL
Static task: static1
Behavioral task: behavioral1
Sample: CPU-Z-v2.09.0-CN.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: CPU-Z-v2.09.0-CN.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: CPU-Z-v2.09.0-CN.exe
Score: 7/10

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.