605559e064a071c19c31ffd7c1db78fa6faaee2bb2ac3cecb1d2fbd8b8b42810

Analysis

max time kernel
186s
max time network
195s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
19/10/2022, 17:42

Target

605559e064a071c19c31ffd7c1db78fa6faaee2bb2ac3cecb1d2fbd8b8b42810.exe
Size

65KB
MD5

a1bd270e906e01b4d2eb0d29745ec1f0
SHA1

8d4c2e8bbf8405f3c78362d69899252fae1f914d
SHA256

605559e064a071c19c31ffd7c1db78fa6faaee2bb2ac3cecb1d2fbd8b8b42810
SHA512

863a9ebdf1cd92e1c6af875d92e4102556375b84d54bcdd7d2f1692dd3976033c068d1244df0c429e7beb4083f77867b85d0febcb3104672fc2c2d438c0b26a4
SSDEEP

1536:KHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6k2L5baULR4ET5:KHoLde/OgV432UcP39hvF+8R4E5

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4532-132-0x0000000000400000-0x0000000000428000-memory.dmp	upx
behavioral2/memory/4532-133-0x0000000000400000-0x0000000000428000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\driv64.exe	605559e064a071c19c31ffd7c1db78fa6faaee2bb2ac3cecb1d2fbd8b8b42810.exe

C:\Users\Admin\AppData\Local\Temp\605559e064a071c19c31ffd7c1db78fa6faaee2bb2ac3cecb1d2fbd8b8b42810.exe
"C:\Users\Admin\AppData\Local\Temp\605559e064a071c19c31ffd7c1db78fa6faaee2bb2ac3cecb1d2fbd8b8b42810.exe"
1⤵
- Drops file in Windows directory
PID:4532

memory/4532-132-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/4532-133-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download