55a894ac5e9a57775bb771361e01fed6838f5fd16b9587ce6589583fc2b54200

Analysis

max time kernel
147s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
20/10/2022, 01:19

Target

55a894ac5e9a57775bb771361e01fed6838f5fd16b9587ce6589583fc2b54200.exe
Size

343KB
MD5

86f9bda28aa5a722f389efa9833177dc
SHA1

7b55478609189bbcba39c73f97b267afa27e0b23
SHA256

55a894ac5e9a57775bb771361e01fed6838f5fd16b9587ce6589583fc2b54200
SHA512

08fca57f4df9afaf7ec59fc8a6dd0de5984c63a7ab4f6eca4f70908c71ac2e1967e1aa825b8a6221a7a7f6053f95cc6b0ca21510b57c8f6b33d66010fc537218
SSDEEP

6144:d31GDkIVIxBWIs6Iz3wDrZNI5xu96J42TNy0kH6+7uJAoSP5Hy9tA:x1zWI+zADdNI5z2+AoS9y9

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3140-132-0x0000000000400000-0x00000000004DB000-memory.dmp	upx
behavioral2/memory/3140-133-0x0000000000400000-0x00000000004DB000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3140	55a894ac5e9a57775bb771361e01fed6838f5fd16b9587ce6589583fc2b54200.exe
3140	55a894ac5e9a57775bb771361e01fed6838f5fd16b9587ce6589583fc2b54200.exe

C:\Users\Admin\AppData\Local\Temp\55a894ac5e9a57775bb771361e01fed6838f5fd16b9587ce6589583fc2b54200.exe
"C:\Users\Admin\AppData\Local\Temp\55a894ac5e9a57775bb771361e01fed6838f5fd16b9587ce6589583fc2b54200.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3140

memory/3140-132-0x0000000000400000-0x00000000004DB000-memory.dmp

Filesize
876KB

Download
memory/3140-133-0x0000000000400000-0x00000000004DB000-memory.dmp

Filesize
876KB

Download