4dad9baab1084de4be70c6e8c12d872b6125cae22b098fd3e3b20c24aada876d

Analysis

max time kernel
131s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
01/10/2022, 21:09

Target

4dad9baab1084de4be70c6e8c12d872b6125cae22b098fd3e3b20c24aada876d.exe
Size

548KB
MD5

0181993998d5f3ed3655cc73a6ffef80
SHA1

11105fa3a4b05a52e9c512419185276c2e81b71a
SHA256

4dad9baab1084de4be70c6e8c12d872b6125cae22b098fd3e3b20c24aada876d
SHA512

42f6f4264ecb38b0dca9a94ad8117351709f256850146e4f9fdd49c3d88a122ae6b611d0432db288457ae0592cfd23d2c6d04d0b15ea867fc9485da408818084
SSDEEP

12288:Se1TMld0mSX5FjkFTC860bPRNrkUm1ypnKmHiiCEKfKm:SOoJrLbPRN7m1y1KZGKfKm

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/2412-132-0x0000000000400000-0x0000000000566000-memory.dmp	upx
behavioral2/memory/2412-133-0x0000000000400000-0x0000000000566000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2412	4dad9baab1084de4be70c6e8c12d872b6125cae22b098fd3e3b20c24aada876d.exe
2412	4dad9baab1084de4be70c6e8c12d872b6125cae22b098fd3e3b20c24aada876d.exe

C:\Users\Admin\AppData\Local\Temp\4dad9baab1084de4be70c6e8c12d872b6125cae22b098fd3e3b20c24aada876d.exe
"C:\Users\Admin\AppData\Local\Temp\4dad9baab1084de4be70c6e8c12d872b6125cae22b098fd3e3b20c24aada876d.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2412

memory/2412-132-0x0000000000400000-0x0000000000566000-memory.dmp

Filesize
1.4MB

Download
memory/2412-133-0x0000000000400000-0x0000000000566000-memory.dmp

Filesize
1.4MB

Download