Overview
overview
10Static
static
7Skiioh's P...EE).7z
windows7-x64
3Skiioh's P...EE).7z
windows10-2004-x64
3Skiioh's P...ks.bat
windows7-x64
1Skiioh's P...ks.bat
windows10-2004-x64
1Skiioh's P...ks.bat
windows7-x64
1Skiioh's P...ks.bat
windows10-2004-x64
1Skiioh's P...ks.bat
windows7-x64
1Skiioh's P...ks.bat
windows10-2004-x64
1Skiioh's P...ks.bat
windows7-x64
1Skiioh's P...ks.bat
windows10-2004-x64
1Skiioh's P...ks.bat
windows7-x64
7Skiioh's P...ks.bat
windows10-2004-x64
1Skiioh's P...ks.bat
windows7-x64
1Skiioh's P...ks.bat
windows10-2004-x64
1Skiioh's P...Me.txt
windows7-x64
1Skiioh's P...Me.txt
windows10-2004-x64
1Skiioh's P...ub.exe
windows7-x64
10Skiioh's P...ub.exe
windows10-2004-x64
10Skiioh's P...ub.ini
windows7-x64
1Skiioh's P...ub.ini
windows10-2004-x64
1Skiioh's P...64.exe
windows7-x64
10Skiioh's P...64.exe
windows10-2004-x64
10Skiioh's P...gs.vbs
windows7-x64
3Skiioh's P...gs.vbs
windows10-2004-x64
1Skiioh's P...Me.txt
windows7-x64
1Skiioh's P...Me.txt
windows10-2004-x64
1Skiioh's P...ol.exe
windows7-x64
7Skiioh's P...ol.exe
windows10-2004-x64
7Skiioh's P...ol.ini
windows7-x64
1Skiioh's P...ol.ini
windows10-2004-x64
1Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
11-05-2024 16:51
Behavioral task
behavioral1
Sample
Skiioh's Performance Pack v2 (FREE).7z
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral2
Sample
Skiioh's Performance Pack v2 (FREE).7z
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Skiioh's Performance Pack v2 (FREE)/(1) Run This First SkiiohTweaks.bat
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral4
Sample
Skiioh's Performance Pack v2 (FREE)/(1) Run This First SkiiohTweaks.bat
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Skiioh's Performance Pack v2 (FREE)/(2) Input Delay SkiiohTweaks.bat
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral6
Sample
Skiioh's Performance Pack v2 (FREE)/(2) Input Delay SkiiohTweaks.bat
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Skiioh's Performance Pack v2 (FREE)/(3) FPS Boost SkiiohTweaks.bat
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral8
Sample
Skiioh's Performance Pack v2 (FREE)/(3) FPS Boost SkiiohTweaks.bat
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Skiioh's Performance Pack v2 (FREE)/(4) Power Savings SkiiohTweaks.bat
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral10
Sample
Skiioh's Performance Pack v2 (FREE)/(4) Power Savings SkiiohTweaks.bat
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Skiioh's Performance Pack v2 (FREE)/(5) Cache Cleaner SkiiohTweaks.bat
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral12
Sample
Skiioh's Performance Pack v2 (FREE)/(5) Cache Cleaner SkiiohTweaks.bat
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Skiioh's Performance Pack v2 (FREE)/(6) Network Tweaks SkiiohTweaks.bat
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral14
Sample
Skiioh's Performance Pack v2 (FREE)/(6) Network Tweaks SkiiohTweaks.bat
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/ReadMe.txt
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral16
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/ReadMe.txt
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/Wub.exe
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral18
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/Wub.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/Wub.ini
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral20
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/Wub.ini
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/Wub_x64.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral22
Sample
Skiioh's Performance Pack v2 (FREE)/(7 WUB)/Wub_x64.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/Defender_Settings.vbs
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral24
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/Defender_Settings.vbs
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/ReadMe.txt
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral26
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/ReadMe.txt
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/dControl.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral28
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/dControl.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/dControl.ini
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral30
Sample
Skiioh's Performance Pack v2 (FREE)/(8 DControl)/dControl.ini
Resource
win10v2004-20240508-en
windows10-2004-x64
General
-
Target
Skiioh's Performance Pack v2 (FREE)/(4) Power Savings SkiiohTweaks.bat
-
Size
11KB
-
MD5
4bbecd404b9f6cc35c743e7de42a155c
-
SHA1
57a1f44092aae249320e48c219902ede6e48d2a6
-
SHA256
d0cffbe46ed51f076a541a6fe9ad8aeb45164399be650df28669b3cc9c5c8bdf
-
SHA512
43b3d86e7245f755ed2ffbbec8f1371b19235736fd80b2d36e2c760c953b58860a6360aef03626f356f0533b21a1b76035b896e67b9705cace7c95c7c63ddb2f
-
SSDEEP
192:xbHz0aMnIFtNFMUHM3UH8UHM2UH/iX9Ft30FtkFtMFtsFto3FG0H1d0H1G0HBk0k:9TQgLBPw+p3cMEkEUv1wG85Dg8
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 12 IoCs
description pid Process procid_target PID 2020 wrote to memory of 2720 2020 cmd.exe 29 PID 2020 wrote to memory of 2720 2020 cmd.exe 29 PID 2020 wrote to memory of 2720 2020 cmd.exe 29 PID 2720 wrote to memory of 1384 2720 cmd.exe 30 PID 2720 wrote to memory of 1384 2720 cmd.exe 30 PID 2720 wrote to memory of 1384 2720 cmd.exe 30 PID 2020 wrote to memory of 2312 2020 cmd.exe 31 PID 2020 wrote to memory of 2312 2020 cmd.exe 31 PID 2020 wrote to memory of 2312 2020 cmd.exe 31 PID 2020 wrote to memory of 2580 2020 cmd.exe 32 PID 2020 wrote to memory of 2580 2020 cmd.exe 32 PID 2020 wrote to memory of 2580 2020 cmd.exe 32
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\Skiioh's Performance Pack v2 (FREE)\(4) Power Savings SkiiohTweaks.bat"1⤵
- Suspicious use of WriteProcessMemory
PID:2020 -
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c chcp2⤵
- Suspicious use of WriteProcessMemory
PID:2720 -
C:\Windows\system32\chcp.comchcp3⤵PID:1384
-
-
-
C:\Windows\system32\chcp.comchcp 7082⤵PID:2312
-
-
C:\Windows\system32\cmd.execmd /c ""C:\Users\Admin\AppData\Local\Temp\Skiioh's Performance Pack v2 (FREE)\(4) Power Savings SkiiohTweaks.bat" "2⤵PID:2580
-