Overview

overview

7

Static

static

3

processlas...64.exe

windows10-2004-x64

4

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CPUEater.exe

windows10-2004-x64

1

Insights.exe

windows10-2004-x64

1

InstallHelper.exe

windows10-2004-x64

1

LogViewer.exe

windows10-2004-x64

1

ProcessGovernor.exe

windows10-2004-x64

1

ProcessLasso.exe

windows10-2004-x64

1

ProcessLas...er.exe

windows10-2004-x64

5

QuickUpgrade.exe

windows10-2004-x64

4

ThreadRacer.exe

windows10-2004-x64

1

TweakScheduler.exe

windows10-2004-x64

1

bitsumsess...nt.exe

windows10-2004-x64

1

pl-update.cmd

windows10-2004-x64

1

pl.cmd

windows10-2004-x64

7

plActivate.exe

windows10-2004-x64

1

pl_rsrc_bulgarian.dll

windows10-2004-x64

1

pl_rsrc_chinese.dll

windows10-2004-x64

1

pl_rsrc_ch...al.dll

windows10-2004-x64

1

pl_rsrc_english.dll

windows10-2004-x64

1

pl_rsrc_finnish.dll

windows10-2004-x64

1

pl_rsrc_french.dll

windows10-2004-x64

1

pl_rsrc_german.dll

windows10-2004-x64

1

pl_rsrc_italian.dll

windows10-2004-x64

1

pl_rsrc_japanese.dll

windows10-2004-x64

1

pl_rsrc_korean.dll

windows10-2004-x64

1

pl_rsrc_polish.dll

windows10-2004-x64

1

pl_rsrc_ptbr.dll

windows10-2004-x64

1

pl_rsrc_russian.dll

windows10-2004-x64

1

pl_rsrc_slovenian.dll

windows10-2004-x64

1

Resubmissions

06-07-2024 22:02

240706-1x4eratgrl 7

06-07-2024 19:00

240706-xnn2xssgpc 10

Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-07-2024 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CPUEater.exe

  • Size

    484KB

  • MD5

    b17fa00ea5eaa6514418d1f5a658e8d4

  • SHA1

    0dfe164e40916d937e031122530cfc870ebb17c7

  • SHA256

    2d90fa5a9db0213390d4f864a462ec5c006caf03ea55096bdc5cf46ccf8f6c54

  • SHA512

    440a8e6009dc69deca15431c9b4d1f8a2370a6891337362180b4aa8aa382060afa900d58504a52ed85d06c2e5dbd1fe4d95ae119c83141f7726d6b1c19ab5393

  • SSDEEP

    6144:dJWlpafqCDll1Ik4k5w/Fj/l4lvjlkdQvtIBK5UDEeBxhbYCp:dNfqi1d4k5OFjajlXtiK5UVUCp

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CPUEater.exe
    "C:\Users\Admin\AppData\Local\Temp\CPUEater.exe"
    1⤵
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    PID:5096

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads