6b1111fe943df3033e52ad8f583af507a86a63ad4d7b6d70674d18f2b3b28480

Analysis

max time kernel
47s
max time network
51s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
30/10/2022, 09:40

Target

6b1111fe943df3033e52ad8f583af507a86a63ad4d7b6d70674d18f2b3b28480.exe
Size

68KB
MD5

a2b1e3150641a9b4414384ab472882d0
SHA1

902ea75d0013f6b7b07127de4d518cad04b7189c
SHA256

6b1111fe943df3033e52ad8f583af507a86a63ad4d7b6d70674d18f2b3b28480
SHA512

3a5c10ea6572da84d7533f9a381208c0ad7818f6941d28097a9c36886a5c246a5d86a60b0165746d36913a4d1cedc9753749d6f96a6e190846c605cd8c0a4486
SSDEEP

1536:tHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVtWc++G:tHoLde/OgV432UcP39hXJZnWcPG

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/860-54-0x0000000000400000-0x0000000000428000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\dextor32.exe	6b1111fe943df3033e52ad8f583af507a86a63ad4d7b6d70674d18f2b3b28480.exe

C:\Users\Admin\AppData\Local\Temp\6b1111fe943df3033e52ad8f583af507a86a63ad4d7b6d70674d18f2b3b28480.exe
"C:\Users\Admin\AppData\Local\Temp\6b1111fe943df3033e52ad8f583af507a86a63ad4d7b6d70674d18f2b3b28480.exe"
1⤵
- Drops file in Windows directory
PID:860

memory/860-54-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download