Overview

overview

7

Static

static

7

rrrr/HWiNFO64.exe

windows11-21h2-x64

7

rrrr/STRES...st.dll

windows11-21h2-x64

1

rrrr/STRES...40.dll

windows11-21h2-x64

1

rrrr/STRES...40.dll

windows11-21h2-x64

3

rrrr/STRES...64.exe

windows11-21h2-x64

1

rrrr/STRES...32.exe

windows11-21h2-x64

1

rrrr/STRES...md.dll

windows11-21h2-x64

1

rrrr/STRES...64.exe

windows11-21h2-x64

1

rrrr/STRES...64.exe

windows11-21h2-x64

6

rrrr/STRES...se.rtf

windows11-21h2-x64

1

rrrr/STRES...ic.exe

windows11-21h2-x64

1

rrrr/STRES...ro.exe

windows11-21h2-x64

1

rrrr/STRES...CT.exe

windows11-21h2-x64

7

rrrr/STRES...M5.exe

windows11-21h2-x64

3

rrrr/STRES...T0.dll

windows11-21h2-x64

3

rrrr/STRES...de.url

windows11-21h2-x64

1

rrrr/STRES...se.url

windows11-21h2-x64

1

rrrr/STRES...ms.url

windows11-21h2-x64

1

rrrr/STRES...op.exe

windows11-21h2-x64

1

rrrr/STRES...4P.exe

windows11-21h2-x64

1

rrrr/STRES...mi.exe

windows11-21h2-x64

1

rrrr/STRES...io.exe

windows11-21h2-x64

1

rrrr/STRES...yu.exe

windows11-21h2-x64

1

rrrr/STRES...na.exe

windows11-21h2-x64

1

rrrr/STRES...ri.exe

windows11-21h2-x64

1

rrrr/STRES...mi.exe

windows11-21h2-x64

1

rrrr/STRES...ri.exe

windows11-21h2-x64

1

rrrr/STRES...na.exe

windows11-21h2-x64

1

rrrr/STRES...oa.exe

windows11-21h2-x64

1

rrrr/STRES...bs.dll

windows11-21h2-x64

1

rrrr/STRES...20.dll

windows11-21h2-x64

1

rrrr/STRES...12.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    1792s
  • max time network
    1484s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    23-05-2024 00:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    rrrr/STRESS TEST/LinpackXtreme-1.1.5/LinpackXtreme_x64.exe

  • Size

    112KB

  • MD5

    0f7452fc9575d1cf0ba9a9364bcd3fb8

  • SHA1

    4a3e6e2e87a07bef65b621a455a5448c33518ea9

  • SHA256

    41d9a37f5a4c1ef97b193e6a06427e06053c2d87d1df29fd4a158bd2bcb97ee5

  • SHA512

    3cda5e3950bc18866f46bb6c52ef6df7cbb154bb7f8e981ee2684382558cdd68316fd311cca96c01e37ced7c07e0ee808f6180e5c998437c0ddb0b18e3d7ef84

  • SSDEEP

    1536:jeMPvdUsN7YOxJIzwpRwnwhSidMyMebXtLW:DVT/xJVpanLP3Qt

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\rrrr\STRESS TEST\LinpackXtreme-1.1.5\LinpackXtreme_x64.exe
    "C:\Users\Admin\AppData\Local\Temp\rrrr\STRESS TEST\LinpackXtreme-1.1.5\LinpackXtreme_x64.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2588
    • C:\Windows\system32\cmd.exe
      "C:\Windows\system32\cmd" /c "C:\Users\Admin\AppData\Local\Temp\ACCA.tmp\ACCB.tmp\ACCC.bat "C:\Users\Admin\AppData\Local\Temp\rrrr\STRESS TEST\LinpackXtreme-1.1.5\LinpackXtreme_x64.exe""
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:2024
      • C:\Windows\system32\cmd.exe
        C:\Windows\system32\cmd.exe /S /D /c" echo AMD64 Family 6 Model 13 Stepping 2, AuthenticAMD "
        3⤵
          PID:2592
        • C:\Windows\system32\find.exe
          find /i "AMD64 Family 25"
          3⤵
            PID:3760
          • C:\Windows\system32\cmd.exe
            C:\Windows\system32\cmd.exe /S /D /c" echo AMD64 Family 6 Model 13 Stepping 2, AuthenticAMD "
            3⤵
              PID:4228
            • C:\Windows\system32\find.exe
              find /i "AMD64 Family 23 Model 144"
              3⤵
                PID:1568
              • C:\Windows\system32\cmd.exe
                C:\Windows\system32\cmd.exe /S /D /c" echo AMD64 Family 6 Model 13 Stepping 2, AuthenticAMD "
                3⤵
                  PID:2484
                • C:\Windows\system32\find.exe
                  find /i "AMD64 Family 23 Model 113"
                  3⤵
                    PID:8
                  • C:\Windows\system32\cmd.exe
                    C:\Windows\system32\cmd.exe /S /D /c" echo AMD64 Family 6 Model 13 Stepping 2, AuthenticAMD "
                    3⤵
                      PID:4192
                    • C:\Windows\system32\find.exe
                      find /i "AMD64 Family 23 Model 96"
                      3⤵
                        PID:3188
                      • C:\Windows\system32\cmd.exe
                        C:\Windows\system32\cmd.exe /S /D /c" echo AMD64 Family 6 Model 13 Stepping 2, AuthenticAMD "
                        3⤵
                          PID:2328
                        • C:\Windows\system32\find.exe
                          find /i "AMD64 Family 23 Model 49"
                          3⤵
                            PID:1888
                          • C:\Windows\system32\choice.exe
                            choice /c:1234 /n /m "Please select an action to perform: "
                            3⤵
                              PID:1232

                        Network

                        MITRE ATT&CK Matrix

                        Replay Monitor

                        Loading Replay Monitor...

                        Downloads

                        • C:\Users\Admin\AppData\Local\Temp\ACCA.tmp\ACCB.tmp\ACCC.bat
                          Filesize

                          8KB

                          MD5

                          83502fb0a7965424c9ca96c15e3e182b

                          SHA1

                          1ede317060f95ec802306d33f0d43c0325c77a44

                          SHA256

                          6b0f30e78b3e7140e9fe8c1da2b5ecd9057c948e45c1ee2a290a7ebe308a5156

                          SHA512

                          c800636e8ca32a9b812988ae6d368f8edf6c82f4aacbf91b9d3984682c41a06272c60a24bfdafab838282d52e49cdba29f4befd33ca54fbf58181017d9f06d6d

                          Download Submit
                        • memory/2588-0-0x0000000140000000-0x0000000140041000-memory.dmp
                          Filesize

                          260KB

                          Download
                        • memory/2588-3-0x0000000140000000-0x0000000140041000-memory.dmp
                          Filesize

                          260KB

                          Download