Analysis
max time kernel: 297s
max time network: 205s
platform: windows11-21h2_x64
resource: win11-20240426-en
resource tags: arch:x64, arch:x86, image:win11-20240426-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 07/05/2024, 03:43
Static task: static1

Behavioral task | Sample | Resource
behavioral1 | HD Tune Pro Full Türkçe.rar | win11-20240419-en
behavioral2 | App/AppInfo/Launcher/HDTuneProPortable.ini | win11-20240426-en
behavioral3 | App/AppInfo/appicon.ico | win11-20240419-en
behavioral4 | App/AppInfo/appicon_128.png | win11-20240426-en
behavioral5 | App/AppInfo/appicon_16.png | win11-20240426-en
behavioral6 | App/AppInfo/appicon_32.png | win11-20240419-en
behavioral7 | App/AppInfo/appinfo.ini | win11-20240419-en
behavioral8 | App/DefaultData/settings/HDTunePro.reg | win11-20240419-en
behavioral9 | App/HDTunePro/HDTune.url | win11-20240419-en
behavioral10 | App/HDTunePro/HDTunePro.exe | win11-20240426-en
behavioral11 | App/HDTunePro/HDTunePro.url | win11-20240419-en
behavioral12 | App/HDTunePro/HDTuneProDriveStatus.exe | win11-20240426-en
behavioral13 | App/HDTunePro/hdtunepro.pdf | win11-20240426-en
behavioral14 | App/HDTunePro/hdtuneprodrivestatus.pdf | win11-20240426-en
behavioral15 | Data/settings/HDTunePro.reg | win11-20240419-en
behavioral16 | Data/settings/HDTuneProPortableSettings.ini | win11-20240426-en
behavioral17 | HDTuneProPortable.exe | win11-20240419-en
behavioral18 | $PLUGINSDIR/MoreInfo.dll | win11-20240419-en
behavioral19 | $PLUGINSDIR/System.dll | win11-20240419-en
behavioral20 | $PLUGINSDIR/UAC.dll | win11-20240426-en
behavioral21 | $PLUGINSDIR/execDos.dll | win11-20240419-en
behavioral22 | $PLUGINSDIR/newadvsplash.dll | win11-20240419-en
behavioral23 | $PLUGINSDIR/newtextreplace.dll | win11-20240426-en
behavioral24 | $PLUGINSDIR/nsExec.dll | win11-20240419-en
behavioral25 | $PLUGINSDIR/registry.dll | win11-20240426-en
behavioral26 | Ne Ararsanız bu sitede var--ücretsiz indir2017.url | win11-20240426-en
behavioral27 | Other/Help/Images/Help_Background_Footer.png | win11-20240426-en
behavioral28 | Other/Help/Images/Help_Background_Header.png | win11-20240426-en
behavioral29 | Other/Help/Images/Help_Logo_Top.png | win11-20240426-en
behavioral30 | Other/Source/AppNamePortable.ini | win11-20240419-en
behavioral31 | Other/Source/LauncherLicense.txt | win11-20240419-en
behavioral32 | Other/Source/Readme.txt | win11-20240419-en

General
Target: App/HDTunePro/HDTuneProDriveStatus.exe
Size: 956KB
MD5: 207d9e432b54740c9fddc5c0e329f7fe
SHA1: 0ebeae399d841a24a14bc58e58d4518c896dac90
SHA256: 9672395634bb42c9053692b427a5984be648d3c91eb5a4072b8bd8ec1e6832f6
SHA512: 1570026ac7d08487ba38021df698790084406404810921f482730640551c549a1522357f960c3d3a1f902ee9d20e5bd5683a512e01ee7debd3a8ea300eb7ddfb
SSDEEP: 12288:EANqezhZweulsTP6dP/uKNP5gGIH/E/XlRq6jTtkukHuxpPGAAoi:EgqeQsTa5pIH/E/XlRN7j

Malware Config
Signatures

Enumerates connected drives (3 TTPs, 25 IoCs)
Attempts to read the root path of hard drives other than the default C: drive.
description | ioc | Process
File opened (read-only) | \??\O: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\U: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\Z: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\B: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\G: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\N: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\H: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\M: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\T: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\I: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\R: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\Q: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\V: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\W: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\X: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\E: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\J: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\P: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\A: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\F: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\D: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\K: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\Y: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\L: | HDTuneProDriveStatus.exe
File opened (read-only) | \??\S: | HDTuneProDriveStatus.exe

Writes to the Master Boot Record (MBR) (1 TTPs, 1 IoCs)
Bootkits write to the MBR to gain persistence at a level below the operating system.
description | ioc | Process
File opened for modification | \??\PhysicalDrive0 | HDTuneProDriveStatus.exe

Suspicious use of SetWindowsHookEx (2 IoCs)
pid | Process
1388 | HDTuneProDriveStatus.exe
1388 | HDTuneProDriveStatus.exe