Analysis

  • max time kernel
    150s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    06-02-2023 09:59

General

  • Target

    WindowUpdateBlocker/Wub_x64.exe

  • Size

    924KB

  • MD5

    418dff42eea894a227f78935fbd8b059

  • SHA1

    24c587c6f765bbbbe70f0d4c2f3a8654e8667a25

  • SHA256

    bf79bb5da35061353485c7369cc5ecc9cecc79de7543bd71ce73f7192d0f6ec3

  • SHA512

    ce7f3281dae81006edd545442d32cfe4ffa706964a0a8fc6e8c768fa1ca8a6b92a05a052b57849a73a5d6ecc70c1e4be3a858ddaae21f59a351ee226e248468d

  • SSDEEP

    24576:q2DW/xbgX2YIbBQsu3/PNLKQ4HyAvsT7GUcUHJb:q2EUXgQsW/PNWQojUcUpb

Score
10/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\WindowUpdateBlocker\Wub_x64.exe
    "C:\Users\Admin\AppData\Local\Temp\WindowUpdateBlocker\Wub_x64.exe"
    1⤵
    • Modifies security service
    • Suspicious behavior: GetForegroundWindowSpam
    PID:968

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/968-54-0x000007FEFBD21000-0x000007FEFBD23000-memory.dmp

    Filesize

    8KB