3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569

Analysis

max time kernel
32s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02-10-2022 11:17

Target

3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe
Size

120KB
MD5

6e5f7a8d4fe58f55e6e045a40e061231
SHA1

46450806d6002b9621a3f2993762ee38b3d0a257
SHA256

3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569
SHA512

215f4020509f3bd7805b8c2c4c70e260d46f599ec687a6e9a23f029006b13aaef61b9ab6573fa4d49dcccfe29893260418e6f5606c161861aef45450be8af620
SSDEEP

3072:PnMOMaE1IrfbNgHFwqifB6HAsShTFm/d1S:8mrfAwuSZ8//

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/340-54-0x0000000000400000-0x0000000000434000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
340	3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
340	3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 340 wrote to memory of 1268	340	3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe	15
PID 340 wrote to memory of 1268	340	3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe	15
PID 340 wrote to memory of 1268	340	3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe	15
PID 340 wrote to memory of 1268	340	3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe	15
PID 340 wrote to memory of 1268	340	3a071fee04a450b3a26e69e588881b94c4bd1e5b4da1d00f73c3535afcf32569.exe	15

memory/340-54-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/340-55-0x0000000075771000-0x0000000075773000-memory.dmp

Filesize
8KB

Download
memory/340-57-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/340-56-0x0000000000220000-0x000000000023D000-memory.dmp

Filesize
116KB

Download
memory/340-58-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download