Overview: score 7
Static: score 7
Tasks (sample, platform, score):
rrrr/HWiNFO64.exe, windows11-21h2-x64, 7
rrrr/STRES...st.dll, windows11-21h2-x64, 1
rrrr/STRES...40.dll, windows11-21h2-x64, 1
rrrr/STRES...40.dll, windows11-21h2-x64, 3
rrrr/STRES...64.exe, windows11-21h2-x64, 1
rrrr/STRES...32.exe, windows11-21h2-x64, 1
rrrr/STRES...md.dll, windows11-21h2-x64, 1
rrrr/STRES...64.exe, windows11-21h2-x64, 1
rrrr/STRES...64.exe, windows11-21h2-x64, 6
rrrr/STRES...se.rtf, windows11-21h2-x64, 1
rrrr/STRES...ic.exe, windows11-21h2-x64, 1
rrrr/STRES...ro.exe, windows11-21h2-x64, 1
rrrr/STRES...CT.exe, windows11-21h2-x64, 7
rrrr/STRES...M5.exe, windows11-21h2-x64, 3
rrrr/STRES...T0.dll, windows11-21h2-x64, 3
rrrr/STRES...de.url, windows11-21h2-x64, 1
rrrr/STRES...se.url, windows11-21h2-x64, 1
rrrr/STRES...ms.url, windows11-21h2-x64, 1
rrrr/STRES...op.exe, windows11-21h2-x64, 1
rrrr/STRES...4P.exe, windows11-21h2-x64, 1
rrrr/STRES...mi.exe, windows11-21h2-x64, 1
rrrr/STRES...io.exe, windows11-21h2-x64, 1
rrrr/STRES...yu.exe, windows11-21h2-x64, 1
rrrr/STRES...na.exe, windows11-21h2-x64, 1
rrrr/STRES...ri.exe, windows11-21h2-x64, 1
rrrr/STRES...mi.exe, windows11-21h2-x64, 1
rrrr/STRES...ri.exe, windows11-21h2-x64, 1
rrrr/STRES...na.exe, windows11-21h2-x64, 1
rrrr/STRES...oa.exe, windows11-21h2-x64, 1
rrrr/STRES...bs.dll, windows11-21h2-x64, 1
rrrr/STRES...20.dll, windows11-21h2-x64, 1
rrrr/STRES...12.dll, windows11-21h2-x64, 1
Analysis
max time kernel: 1471s
max time network: 1504s
platform: windows11-21h2_x64
resource: win11-20240508-en
resource tags: arch:x64, arch:x86, image:win11-20240508-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 23-05-2024 00:17
Behavioral task
behavioral1
Sample
rrrr/HWiNFO64.exe
Resource
win11-20240426-en
Behavioral task
behavioral2
Sample
rrrr/STRESS TEST/KarhuTestMem/x64/ramtest.dll
Resource
win11-20240508-en
Behavioral task
behavioral3
Sample
rrrr/STRESS TEST/KarhuTestMem/x64/vcomp140.dll
Resource
win11-20240508-en
Behavioral task
behavioral4
Sample
rrrr/STRESS TEST/KarhuTestMem/x86/vcomp140.dll
Resource
win11-20240426-en
Behavioral task
behavioral5
Sample
rrrr/STRESS TEST/LinpackXtreme-1.1.5/LinpackXtreme_x64.exe
Resource
win11-20240426-en
Behavioral task
behavioral6
Sample
rrrr/STRESS TEST/LinpackXtreme-1.1.5/binaries/x32/linpack_amd32.exe
Resource
win11-20240426-en
Behavioral task
behavioral7
Sample
rrrr/STRESS TEST/LinpackXtreme-1.1.5/binaries/x64/libiomp5md.dll
Resource
win11-20240426-en
Behavioral task
behavioral8
Sample
rrrr/STRESS TEST/LinpackXtreme-1.1.5/binaries/x64/linpack_intel64.exe
Resource
win11-20240419-en
Behavioral task
behavioral9
Sample
rrrr/STRESS TEST/LinpackXtreme-1.1.5/hwmonitor/HWMonitor_x64.exe
Resource
win11-20240508-en
Behavioral task
behavioral10
Sample
rrrr/STRESS TEST/LinpackXtreme-1.1.5/license.rtf
Resource
win11-20240426-en
Behavioral task
behavioral11
Sample
rrrr/STRESS TEST/MemTestPro 7/MTPclassic.exe
Resource
win11-20240426-en
Behavioral task
behavioral12
Sample
rrrr/STRESS TEST/MemTestPro 7/MemTestPro.exe
Resource
win11-20240508-en
Behavioral task
behavioral13
Sample
rrrr/STRESS TEST/OCCT.exe
Resource
win11-20240508-en
Behavioral task
behavioral14
Sample
rrrr/STRESS TEST/TestMem5 v0.12 (Many configs repackaged)/TM5.exe
Resource
win11-20240426-en
Behavioral task
behavioral15
Sample
rrrr/STRESS TEST/TestMem5 v0.12 (Many configs repackaged)/bin/MT0.dll
Resource
win11-20240508-en
Behavioral task
behavioral16
Sample
rrrr/STRESS TEST/ThrottleStop_9.6/Basic Throttlestop and Undervolting Guide.url
Resource
win11-20240508-en
Behavioral task
behavioral17
Sample
rrrr/STRESS TEST/ThrottleStop_9.6/The ThrottleStop Guide (2023)- How to Lower Temperatures, Increase.url
Resource
win11-20240426-en
Behavioral task
behavioral18
Sample
rrrr/STRESS TEST/ThrottleStop_9.6/ThrottleStop - TPU Forums.url
Resource
win11-20240508-en
Behavioral task
behavioral19
Sample
rrrr/STRESS TEST/ThrottleStop_9.6/ThrottleStop.exe
Resource
win11-20240508-en
Behavioral task
behavioral20
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/04-P4P.exe
Resource
win11-20240426-en
Behavioral task
behavioral21
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/05-A64 ~ Kasumi.exe
Resource
win11-20240426-en
Behavioral task
behavioral22
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/08-NHM ~ Ushio.exe
Resource
win11-20240419-en
Behavioral task
behavioral23
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/11-BD1 ~ Miyu.exe
Resource
win11-20240419-en
Behavioral task
behavioral24
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/11-SNB ~ Hina.exe
Resource
win11-20240426-en
Behavioral task
behavioral25
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/13-HSW ~ Airi.exe
Resource
win11-20240426-en
Behavioral task
behavioral26
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/14-BDW ~ Kurumi.exe
Resource
win11-20240426-en
Behavioral task
behavioral27
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/17-SKX ~ Kotori.exe
Resource
win11-20240426-en
Behavioral task
behavioral28
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/17-ZN1 ~ Yukina.exe
Resource
win11-20240426-en
Behavioral task
behavioral29
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/18-CNL ~ Shinoa.exe
Resource
win11-20240508-en
Behavioral task
behavioral30
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/IccLibs.dll
Resource
win11-20240508-en
Behavioral task
behavioral31
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/cilkrts20.dll
Resource
win11-20240426-en
Behavioral task
behavioral32
Sample
rrrr/STRESS TEST/Y-CRUNCHER/Binaries/tbb12.dll
Resource
win11-20240508-en
General
Target: rrrr/STRESS TEST/ThrottleStop_9.6/ThrottleStop.exe
Size: 3.8MB
MD5: bc9be951bbed1229cab7ecbb77885cb5
SHA1: a777a87ab40e5adfac7048aaccbcffea0cc0a555
SHA256: 77dceddd336cb2a00289159525b834de16a3c006fd9dcd991b232d2b10346997
SHA512: ce8c7de8e137b7b04effb83066c408087768ab176349061b99330791f20858674ae90c76583ff1f4add8db89dc25ea416efc1677de56e16a85818439180be2e8
SSDEEP: 98304:ZC4lhpdW/ZmB2FbUe7F5s8dQWZ7juZoFxrI99WN7e:ZCYrgIODuWFxrI9Wq
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (2 IoCs)
  pid   Process
  916   ThrottleStop.exe
  916   ThrottleStop.exe
Suspicious behavior: LoadsDriver (1 IoCs)
  pid   Process
  660   Process not Found
Suspicious use of AdjustPrivilegeToken (1 IoCs)
  description                         pid   Process
  Token: SeIncBasePriorityPrivilege   916   ThrottleStop.exe
Suspicious use of SetWindowsHookEx (2 IoCs)
  pid   Process
  916   ThrottleStop.exe
  916   ThrottleStop.exe
Processes
C:\Users\Admin\AppData\Local\Temp\rrrr\STRESS TEST\ThrottleStop_9.6\ThrottleStop.exe
"C:\Users\Admin\AppData\Local\Temp\rrrr\STRESS TEST\ThrottleStop_9.6\ThrottleStop.exe"
PID: 916
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 49KB
MD5: 6bc8e3505d9f51368ddf323acb6abc49
SHA1: 82ed942a52cdcf120a8919730e00ba37619661a3
SHA256: 16f83f056177c4ec24c7e99d01ca9d9d6713bd0497eeedb777a3ffefa99c97f0
SHA512: c547ca802b74b93c455cdec1fe184e1d64184cddb9681b920120bc63b6c4285137e892910c9f069d35eea61c8da5b5672bbf72ea88df352d4d84e3d4094b7924