8187cdbec517a781e851e4b00fd699473db516a124aa321adf1bd226438cf0f6

Analysis

max time kernel
78s
max time network
132s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
19/09/2022, 13:50

Target

8187cdbec517a781e851e4b00fd699473db516a124aa321adf1bd226438cf0f6.exe
Size

288KB
MD5

58567e0b2e63acd97256ec162b66ca11
SHA1

aa12d97846767e5ec62d6e392816658a9ab262a8
SHA256

8187cdbec517a781e851e4b00fd699473db516a124aa321adf1bd226438cf0f6
SHA512

e57bc54b44a39706efee5c7c4e4ae5bc669dcac05e684475e92bd0c811e42ea004d222d8ab7c2c2c0de999915b90f8f99cef866acee962059614d503a2184170
SSDEEP

6144:41n/hpAGsezcvw4idyV902KUc+xEdgy88g8WhH0jc8cv7mg8:4fOGsGcvGd80LqEdrOH0jPB

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3400-142-0x0000000000400000-0x0000000000463000-memory.dmp	upx

Program crash 2 IoCs

pid	pid_target	Process	procid_target
1520	3400	WerFault.exe	83
1164	3400	WerFault.exe	83

C:\Users\Admin\AppData\Local\Temp\8187cdbec517a781e851e4b00fd699473db516a124aa321adf1bd226438cf0f6.exe
"C:\Users\Admin\AppData\Local\Temp\8187cdbec517a781e851e4b00fd699473db516a124aa321adf1bd226438cf0f6.exe"
1⤵
PID:3400
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3400 -s 536
  2⤵
  - Program crash
  PID:1520
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3400 -s 556
  2⤵
  - Program crash
  PID:1164

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 3400 -ip 3400
1⤵
PID:4920

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 504 -p 3400 -ip 3400
1⤵
PID:4380

memory/3400-132-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-133-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-135-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-134-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-136-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-137-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-138-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-140-0x0000000000400000-0x0000000000463000-memory.dmp

Filesize
396KB

Download
memory/3400-139-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-141-0x000000007FDF0000-0x000000007FE4C000-memory.dmp

Filesize
368KB

Download
memory/3400-142-0x0000000000400000-0x0000000000463000-memory.dmp

Filesize
396KB

Download