Overview
overview
7Static
static
3AutoGpuAff...ty.exe
windows7-x64
7AutoGpuAff...ty.exe
windows10-2004-x64
7AutoGpuAff...te.exe
windows7-x64
1AutoGpuAff...te.exe
windows10-2004-x64
1AutoGpuAff...64.exe
windows7-x64
1AutoGpuAff...64.exe
windows10-2004-x64
1AutoGpuAff...64.exe
windows7-x64
1AutoGpuAff...64.exe
windows10-2004-x64
1AutoGpuAff...le.exe
windows7-x64
1AutoGpuAff...le.exe
windows10-2004-x64
1AutoGpuAff...64.exe
windows7-x64
4AutoGpuAff...64.exe
windows10-2004-x64
5AutoGpuAffinity.exe
windows7-x64
7AutoGpuAffinity.exe
windows10-2004-x64
7bin/Benchm...te.exe
windows7-x64
1bin/Benchm...te.exe
windows10-2004-x64
1bin/Presen...64.exe
windows7-x64
1bin/Presen...64.exe
windows10-2004-x64
1bin/Presen...64.exe
windows7-x64
1bin/Presen...64.exe
windows10-2004-x64
1bin/liblav...le.exe
windows7-x64
1bin/liblav...le.exe
windows10-2004-x64
1bin/restar...64.exe
windows7-x64
4bin/restar...64.exe
windows10-2004-x64
5Analysis
-
max time kernel
121s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
22-05-2024 02:37
Behavioral task
behavioral1
Sample
AutoGpuAffinity/AutoGpuAffinity/AutoGpuAffinity.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
AutoGpuAffinity/AutoGpuAffinity/AutoGpuAffinity.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/Benchmark.DirectX9.Black.White.exe
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/Benchmark.DirectX9.Black.White.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/PresentMon/PresentMon-1.6.0-x64.exe
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/PresentMon/PresentMon-1.6.0-x64.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/PresentMon/PresentMon-1.8.0-x64.exe
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/PresentMon/PresentMon-1.8.0-x64.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/liblava/lava-triangle.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/liblava/lava-triangle.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/restart64/restart64.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
AutoGpuAffinity/AutoGpuAffinity/bin/restart64/restart64.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral13
Sample
AutoGpuAffinity.exe
Resource
win7-20240220-en
Behavioral task
behavioral14
Sample
AutoGpuAffinity.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
bin/Benchmark.DirectX9.Black.White.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
bin/Benchmark.DirectX9.Black.White.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral17
Sample
bin/PresentMon/PresentMon-1.6.0-x64.exe
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
bin/PresentMon/PresentMon-1.6.0-x64.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
bin/PresentMon/PresentMon-1.8.0-x64.exe
Resource
win7-20231129-en
Behavioral task
behavioral20
Sample
bin/PresentMon/PresentMon-1.8.0-x64.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
bin/liblava/lava-triangle.exe
Resource
win7-20240419-en
Behavioral task
behavioral22
Sample
bin/liblava/lava-triangle.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral23
Sample
bin/restart64/restart64.exe
Resource
win7-20240508-en
Behavioral task
behavioral24
Sample
bin/restart64/restart64.exe
Resource
win10v2004-20240426-en
General
-
Target
bin/restart64/restart64.exe
-
Size
73KB
-
MD5
297aa19bade534a791d053ca190b74ad
-
SHA1
15cb6a33994f75fe9e30a2afbc8a7e4616b63962
-
SHA256
5f779bb822aedaf5bd11693cdf73f6c7c3342f37371a78c07c2aca1e15dbfd00
-
SHA512
df883950c598f31b81f22a68b2a9fed7459dcad5084ec6e39399658b0492bcc458d9fc5bb80fda6bc994bed3241f969fc67a0b8e021fb82b040455d64776c625
-
SSDEEP
1536:8vXMJl7uRupZzidl/T+Dnx86Rpy4roKsIrryeq3OTM:8vMJl6RAZu/T+7x8qpRM8rNcOTM
Malware Config
Signatures
-
Drops file in Windows directory 3 IoCs
description ioc Process File opened for modification C:\Windows\INF\setupapi.app.log restart64.exe File opened for modification C:\Windows\setupact.log restart64.exe File opened for modification C:\Windows\setuperr.log restart64.exe -
Suspicious use of AdjustPrivilegeToken 2 IoCs
description pid Process Token: SeLoadDriverPrivilege 2428 restart64.exe Token: SeLoadDriverPrivilege 2428 restart64.exe