4521cbde8a1518519596ae62606bd43ac2b5c0fdbcb3d77edeb0b259c89797ff

Analysis

max time kernel
89s
max time network
105s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
19/10/2022, 23:01 UTC

Target

4521cbde8a1518519596ae62606bd43ac2b5c0fdbcb3d77edeb0b259c89797ff.exe
Size

85KB
MD5

9218e08773434341fe20b040dd9a8820
SHA1

36a85a36eadcc911fec8669c4dd87d27874a7cb0
SHA256

4521cbde8a1518519596ae62606bd43ac2b5c0fdbcb3d77edeb0b259c89797ff
SHA512

66cad9269892dabb1e57494542cd79d5c3188beec90272f4e45fef7cc110e2364b30e5693984b133aa52015ecc49f4f6f005ddf0efc3070e7d78dc4d7fea71ae
SSDEEP

1536:GBShuAZlL6aHqzaeEXw1Lm0YIzDLXudZ3UdbgOcZytTLFO0IY2VoC8hO:h7v3HqGKtm0nLXM5hOwmTZG3iC8o

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/368-132-0x0000000000400000-0x0000000000429000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4808	368	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\4521cbde8a1518519596ae62606bd43ac2b5c0fdbcb3d77edeb0b259c89797ff.exe
"C:\Users\Admin\AppData\Local\Temp\4521cbde8a1518519596ae62606bd43ac2b5c0fdbcb3d77edeb0b259c89797ff.exe"
1⤵
PID:368
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 368 -s 236
  2⤵
  - Program crash
  PID:4808

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 368 -ip 368
1⤵
PID:4696

No results found

No results found

memory/368-132-0x0000000000400000-0x0000000000429000-memory.dmp

Filesize
164KB

Download