a9027c6070365053c3cb91261991c71f1d3a63707df8467e413847f344b3af4d

Analysis

max time kernel
301s
max time network
323s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
18-09-2022 14:13

Target

TrashMalwares-main/Ginxide.exe
Size

56KB
MD5

13811477a50b8732d73637be82c63990
SHA1

9f47b89ec3e902bf8f7a20565d37d04f3ad76ddb
SHA256

68bc599cb133596d945cb0df6031a91ccfedd4d81626b0f43cd778f392efdc17
SHA512

a79960c635da5c15a1cc5851f1b642f7fc893e2f4ceff2853ace3c8d03e6eb561c727e964d64d7c4410b461a8531995421fd893d8339b91260bdd2cf51854ce4
SSDEEP

768:nyth1HLvrFaYJBjKnKH5R/UtImG0YrpLHk8HoLMnEtk6IF4iLF/IAIb/BIc:nyt3swBjMy7Uim7YrdwInG2I

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral6/memory/552-132-0x0000000000400000-0x000000000042F000-memory.dmp	upx

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

820 552 WerFault.exe Ginxide.exe

pid	pid_target	process	target process
820	552	WerFault.exe	Ginxide.exe

C:\Users\Admin\AppData\Local\Temp\TrashMalwares-main\Ginxide.exe
"C:\Users\Admin\AppData\Local\Temp\TrashMalwares-main\Ginxide.exe"
1⤵
PID:552

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 552 -s 140
2⤵
- Program crash
PID:820

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 552 -ip 552
1⤵
PID:1440

memory/552-132-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download