Overview

overview

7

Static

static

3

AutoGpuAff...ty.exe

windows7-x64

7

AutoGpuAff...ty.exe

windows10-2004-x64

7

AutoGpuAff...te.exe

windows7-x64

1

AutoGpuAff...te.exe

windows10-2004-x64

1

AutoGpuAff...64.exe

windows7-x64

1

AutoGpuAff...64.exe

windows10-2004-x64

1

AutoGpuAff...64.exe

windows7-x64

1

AutoGpuAff...64.exe

windows10-2004-x64

1

AutoGpuAff...le.exe

windows7-x64

1

AutoGpuAff...le.exe

windows10-2004-x64

1

AutoGpuAff...64.exe

windows7-x64

4

AutoGpuAff...64.exe

windows10-2004-x64

5

AutoGpuAffinity.exe

windows7-x64

7

AutoGpuAffinity.exe

windows10-2004-x64

7

bin/Benchm...te.exe

windows7-x64

1

bin/Benchm...te.exe

windows10-2004-x64

1

bin/Presen...64.exe

windows7-x64

1

bin/Presen...64.exe

windows10-2004-x64

1

bin/Presen...64.exe

windows7-x64

1

bin/Presen...64.exe

windows10-2004-x64

1

bin/liblav...le.exe

windows7-x64

1

bin/liblav...le.exe

windows10-2004-x64

1

bin/restar...64.exe

windows7-x64

4

bin/restar...64.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22-05-2024 02:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AutoGpuAffinity.exe

  • Size

    9.5MB

  • MD5

    7ff1b350471b74b4d1761346ced3bf4e

  • SHA1

    f22183fe77d1718350262f70d324c5c6e3872ae0

  • SHA256

    b15e43031731b76a403b2a3caf193fd1ad4fafe77b1e550b473a1f4d4839b29d

  • SHA512

    00304d72dd0ba76c8b11d93e847e69267371bb6b40e082fec91590dbd258427a89272507d64f38883b1248972f5c2ea3f875932582f62ecc8b020ede0164add0

  • SSDEEP

    196608:1sz0sKYu/PaQVBlibbtc19onJ5hrZERkB2WZufOuD9LjjNWKKy1IrpDhm:qQVBl8btc19c5hlERA2WmfDZ3URoUd

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 11 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AutoGpuAffinity.exe
    "C:\Users\Admin\AppData\Local\Temp\AutoGpuAffinity.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:868
    • C:\Users\Admin\AppData\Local\Temp\AutoGpuAffinity.exe
      "C:\Users\Admin\AppData\Local\Temp\AutoGpuAffinity.exe"
      2⤵
      • Loads dropped DLL
      PID:1916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\VCRUNTIME140.dll
    Filesize

    99KB

    MD5

    8697c106593e93c11adc34faa483c4a0

    SHA1

    cd080c51a97aa288ce6394d6c029c06ccb783790

    SHA256

    ff43e813785ee948a937b642b03050bb4b1c6a5e23049646b891a66f65d4c833

    SHA512

    724bbed7ce6f7506e5d0b43399fb3861dda6457a2ad2fafe734f8921c9a4393b480cdd8a435dbdbd188b90236cb98583d5d005e24fa80b5a0622a6322e6f3987

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\VCRUNTIME140_1.dll
    Filesize

    43KB

    MD5

    21ae0d0cfe9ab13f266ad7cd683296be

    SHA1

    f13878738f2932c56e07aa3c6325e4e19d64ae9f

    SHA256

    7b8f70dd3bdae110e61823d1ca6fd8955a5617119f5405cdd6b14cad3656dfc7

    SHA512

    6b2c7ce0fe32faffb68510bf8ae1b61af79b2d8a2d1b633ceba3a8e6a668a4f5179bb836c550ecac495b0fc413df5fe706cd6f42e93eb082a6c68e770339a77c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\_bz2.pyd
    Filesize

    84KB

    MD5

    b89b6c064cd8241ae12addb7f376cab2

    SHA1

    29e86a1df404c442e14344042d39a98dd15425f7

    SHA256

    0563df6e938b836f817c49e0cf9828cc251b2092a84273152ea5a7c537c03beb

    SHA512

    f87b1c6d90cfb01316a17ad37f27287d5ef4ff3a0f7fd25303203ea7c7fa1ed12c1aef486dc9bbb8b4d527f37e771b950fa5142b2bac01f52afbfdbf7a77111d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\_ctypes.pyd
    Filesize

    123KB

    MD5

    4d13a7b3ecc8c7dc96a0424c465d7251

    SHA1

    0c72f7259ac9108d956aede40b6fcdf3a3943cb5

    SHA256

    2995ef03e784c68649fa7898979cbb2c1737f691348fae15f325d9fc524df8ed

    SHA512

    68ff7c421007d63a970269089afb39c949d6cf9f4d56aff7e4e0b88d3c43cfaa352364c5326523386c00727cc36e64274a51b5dbb3a343b16201cf5fc264fec8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\_lzma.pyd
    Filesize

    158KB

    MD5

    6e396653552d446c8114e98e5e195d09

    SHA1

    c1f760617f7f640d6f84074d6d5218d5a338a6ec

    SHA256

    5ddba137db772b61d4765c45b6156b2ee33a1771ddd52dd55b0ef592535785cf

    SHA512

    c4bf2c4c51350b9142da3faeadf72f94994e614f9e43e3c2a1675aa128c6e7f1212fd388a71124971648488bb718ca9b66452e5d0d0b840a0979df7146ed7ae5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\base_library.zip
    Filesize

    1006KB

    MD5

    b8ed5687a2c94bdc9f296397960a5ba5

    SHA1

    5df50ccbf84ad3d3e39c9a0268d8ac70a191d919

    SHA256

    8e842e19cc3584af7009f414189b0f103a34c5f21477ba953869a5abf50e2624

    SHA512

    f61a8e30ca783fa07ad8bf8fcbe8bf600e674edae9fc870ed4953d43f4b9a8843a1eb081269e98bcc2441b4c9324c531c29e6857a32425c4baf7280fc28a29a8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\libffi-7.dll
    Filesize

    32KB

    MD5

    eef7981412be8ea459064d3090f4b3aa

    SHA1

    c60da4830ce27afc234b3c3014c583f7f0a5a925

    SHA256

    f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

    SHA512

    dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\python38.dll
    Filesize

    4.0MB

    MD5

    3cd1e87aeb3d0037d52c8e51030e1084

    SHA1

    49ecd5f6a55f26b0fb3aeb4929868b93cc4ec8af

    SHA256

    13f7c38dc27777a507d4b7f0bd95d9b359925f6f5bf8d0465fe91e0976b610c8

    SHA512

    497e48a379885fdd69a770012e31cd2a62536953e317bb28e3a50fdb177e202f8869ea58fc11802909cabb0552d8c8850537e9fb4ead7dd14a99f67283182340

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\pywin32_system32\pythoncom38.dll
    Filesize

    691KB

    MD5

    597955a07be4ae08f3b09adbf996fa83

    SHA1

    3817e541646fd3cdd7a8256a1260f6edfe7dd0c0

    SHA256

    ddfc515aea27ec414cfc84bef385711c82f0618f482df9d262c490226d7fa9d7

    SHA512

    485efaecb8ea5b2d4644d9ab0927b636f7ab6d660da04b088e26452a28b5b11bccee9724cb625a7d5bde3fa5909aa32f3568909965439a06d3dfc0b7e345c941

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\pywin32_system32\pywintypes38.dll
    Filesize

    139KB

    MD5

    f60da44a33910eda70d838d7635d8fb1

    SHA1

    c35b4cf47349888384729386c74c374edb6f6ff3

    SHA256

    13934599ff931f97e8eac6106dc67d54609befd0b0e653b46f6c25b18830c572

    SHA512

    3c57ed384c23c89f99708bdf688ebd28629e84df8756e7b64dfa8b6e0b52beefb0c62de820f2c72e5679b7632279dcb414a781cfd2c5c9654d09d9da24fa17b3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\ucrtbase.dll
    Filesize

    1.1MB

    MD5

    3b337c2d41069b0a1e43e30f891c3813

    SHA1

    ebee2827b5cb153cbbb51c9718da1549fa80fc5c

    SHA256

    c04daeba7e7c4b711d33993ab4c51a2e087f98f4211aea0dcb3a216656ba0ab7

    SHA512

    fdb3012a71221447b35757ed2bdca6ed1f8833b2f81d03aabebd2cd7780a33a9c3d816535d03c5c3edd5aaf11d91156842b380e2a63135e3c7f87193ad211499

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI8682\win32\win32api.pyd
    Filesize

    138KB

    MD5

    57be78d0f2a66700600266ebc86c9b3c

    SHA1

    a47987d476cb9c76698890405e0b65aa10e07169

    SHA256

    9ab2b3a63bf2d0ef5ff3412c0b000756677810f3aa60a10bf62bb92c9f9b6ee2

    SHA512

    98c2a2e48adfae6c7d3c7d6731e688a27fc1eb6675760ab44f78e4eedebf88b09e425d21baf5674d402f9cfc9d7ebc6d643f8c763c8db5f6b1f8bf83681c256c

    Download Submit