db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d

Analysis

max time kernel
174s
max time network
195s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
07-11-2022 17:14

Target

db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d.exe
Size

312KB
MD5

0fc898ac90039678acb755f4bc8a40e2
SHA1

de01e232b99b995a90dc6713449774c3655c251e
SHA256

db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d
SHA512

b85505c735974076eabb5690b4747c79d48f79ec271cd64f9c754d543380feecbedb5539daffd51637fdbcd418362ae5aa05928c37eded09acddfa7aa6857ca9
SSDEEP

6144:PVzc8JNX3lnTPL2STxinek3hiA7rXIB/qfunfieFlk9:Zc8L3lnH2Snk3YA7rXIBCGnKeQ9

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/5028-132-0x0000000001000000-0x0000000001078000-memory.dmp	upx
behavioral2/memory/5028-133-0x0000000001000000-0x0000000001078000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4880	5028	WerFault.exe	47

C:\Users\Admin\AppData\Local\Temp\db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d.exe
"C:\Users\Admin\AppData\Local\Temp\db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d.exe"
1⤵
PID:5028
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5028 -s 536
  2⤵
  - Program crash
  PID:4880

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 5028 -ip 5028
1⤵
PID:4536

memory/5028-132-0x0000000001000000-0x0000000001078000-memory.dmp

Filesize
480KB

Download
memory/5028-133-0x0000000001000000-0x0000000001078000-memory.dmp

Filesize
480KB

Download