Overview

overview

7

Static

static

7

FurMark_2....64.zip

windows11-21h2-x64

6

FurMark_wi...LA.txt

windows11-21h2-x64

3

FurMark_wi...UI.exe

windows11-21h2-x64

1

FurMark_wi...ME.txt

windows11-21h2-x64

3

FurMark_wi...nf.xml

windows11-21h2-x64

1

FurMark_wi...er.exe

windows11-21h2-x64

1

FurMark_wi...ts.txt

windows11-21h2-x64

3

FurMark_wi...me.txt

windows11-21h2-x64

3

FurMark_wi...rk.exe

windows11-21h2-x64

1

FurMark_win64/g.dz

windows11-21h2-x64

3

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...LA.txt

windows11-21h2-x64

3

FurMark_wi...ME.txt

windows11-21h2-x64

3

FurMark_wi...pp.gxl

windows11-21h2-x64

3

FurMark_wi...nf.xml

windows11-21h2-x64

1

FurMark_wi...me.txt

windows11-21h2-x64

3

FurMark_wi...64.exe

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...uz.exe

windows11-21h2-x64

7

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...64.dll

windows11-21h2-x64

1

FurMark_wi...rk.bat

windows11-21h2-x64

1

FurMark_wi...es.bat

windows11-21h2-x64

1

FurMark_wi...en.bat

windows11-21h2-x64

1

FurMark_wi...st.bat

windows11-21h2-x64

1

FurMark_wi...st.bat

windows11-21h2-x64

1

Analysis

  • max time kernel
    1798s
  • max time network
    1498s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240611-en
  • resource tags

    arch:x64arch:x86image:win11-20240611-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    25-06-2024 05:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    FurMark_win64/gpuz/gpuz.exe

  • Size

    9.7MB

  • MD5

    2c78024277562d7c190d1d53a1556f2a

  • SHA1

    3268da1ee29d667d39dd6eff24eaa1fd8adbab9c

  • SHA256

    e2521082260f498233a3777a4fb76ce8092348ada21dbb8674210348d396e7df

  • SHA512

    0fee9112ba52ff4dd3856dc4f57d905c7c233a0c52b49bc8b273f4a24bd7826150c1646fd6f600cc21748098605802c594341f763863c30587c1f77021a9e932

  • SSDEEP

    196608:Wq/ZPPzLFycqrVP7TmhPdXE8+SrDmcRl6Wbp3MDghOH8p5oDPqesM:1/lorwhPDHHLMchJpyD/d

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\FurMark_win64\gpuz\gpuz.exe
    "C:\Users\Admin\AppData\Local\Temp\FurMark_win64\gpuz\gpuz.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2524
    • C:\Users\Admin\AppData\Local\Temp\gpuz_installer.exe
      "C:\Users\Admin\AppData\Local\Temp\\gpuz_installer.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of WriteProcessMemory
      PID:3160
      • C:\Users\Admin\AppData\Local\Temp\is-CVETD.tmp\gpuz_installer.tmp
        "C:\Users\Admin\AppData\Local\Temp\is-CVETD.tmp\gpuz_installer.tmp" /SL5="$80224,832512,832512,C:\Users\Admin\AppData\Local\Temp\gpuz_installer.exe"
        3⤵
        • Executes dropped EXE
        PID:3128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\GPU-Z.exe
    Filesize

    9.7MB

    MD5

    2c78024277562d7c190d1d53a1556f2a

    SHA1

    3268da1ee29d667d39dd6eff24eaa1fd8adbab9c

    SHA256

    e2521082260f498233a3777a4fb76ce8092348ada21dbb8674210348d396e7df

    SHA512

    0fee9112ba52ff4dd3856dc4f57d905c7c233a0c52b49bc8b273f4a24bd7826150c1646fd6f600cc21748098605802c594341f763863c30587c1f77021a9e932

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\gpuz_installer.exe
    Filesize

    1.6MB

    MD5

    ac1965fac45e178006a408de0f03c147

    SHA1

    64223b4379ea92087d78463f7970b7aeb7b791d4

    SHA256

    d95d16061176c2eb9e13f0d88d07d7a976e13e773effde4e5b0843ee88612704

    SHA512

    1eb84a0f6fa11b02fb6c89c97abcfacee48b5bc4da7edcdc411440e247c318eac8bc7db788384e06e72af3506fd34adcfd5529861933db8af807c24bab0851d8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\is-CVETD.tmp\gpuz_installer.tmp
    Filesize

    3.1MB

    MD5

    4c9111b5058cb0a71da1c566e6b15de5

    SHA1

    cdf0963572c509ecc8651a7081dd5aca44886007

    SHA256

    ff02cd92b07585423ef7bdd0a873374922767fe21f93fcebc24181a5ee2111fa

    SHA512

    3dc28a3f0a1404b67dd5374e2c5e13f1c1b0250c1e07666dbbd4bf31b400ee549c3beb7b872dd7d10dd54ce401b01a362a59bca54b2c7209cbedd97caa7cea46

    Download Submit

  • memory/2524-0-0x0000000000B20000-0x0000000003801000-memory.dmp

    Filesize

    44.9MB

    Download

  • memory/2524-15-0x0000000000B20000-0x0000000003801000-memory.dmp

    Filesize

    44.9MB

    Download

  • memory/3128-14-0x0000000000400000-0x000000000071C000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/3128-17-0x0000000000400000-0x000000000071C000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/3160-5-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/3160-8-0x0000000000401000-0x00000000004B7000-memory.dmp

    Filesize

    728KB

    Download

  • memory/3160-16-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download