c2572655f0cb7f0532fc2aa876f69b169b7cb0b4ece7953d08c95c0e53bd0c3e

Analysis

max time kernel
136s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
19/10/2022, 18:07

Target

c2572655f0cb7f0532fc2aa876f69b169b7cb0b4ece7953d08c95c0e53bd0c3e.exe
Size

67KB
MD5

a21a44a70f7f79c3aa1476f12dd4b0b0
SHA1

b60481a12015b1d1d4c51b6a9f4401235b4d7867
SHA256

c2572655f0cb7f0532fc2aa876f69b169b7cb0b4ece7953d08c95c0e53bd0c3e
SHA512

37d404b524cbf9243b930a51c77afdcba21117a4802648518bc98ca101d6f2a3cf749e9336ac99a4017aa78d7eaece83c1b76439eab7d007616225018b4096be
SSDEEP

1536:tHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVtWc++JO+4v:tHoLde/OgV432UcP39hXJZnWcPJl4v

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4316-132-0x0000000000400000-0x0000000000428000-memory.dmp	upx
behavioral2/memory/4316-133-0x0000000000400000-0x0000000000428000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\dextor32.exe	c2572655f0cb7f0532fc2aa876f69b169b7cb0b4ece7953d08c95c0e53bd0c3e.exe

C:\Users\Admin\AppData\Local\Temp\c2572655f0cb7f0532fc2aa876f69b169b7cb0b4ece7953d08c95c0e53bd0c3e.exe
"C:\Users\Admin\AppData\Local\Temp\c2572655f0cb7f0532fc2aa876f69b169b7cb0b4ece7953d08c95c0e53bd0c3e.exe"
1⤵
- Drops file in Windows directory
PID:4316

memory/4316-132-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/4316-133-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download