43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3

Analysis

max time kernel
91s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 18:52

Target

43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe
Size

255KB
MD5

3eaf20bf47494023db88ee9da1437ed8
SHA1

aec1d17b46a0b5c328ef39404e8521a203d3c555
SHA256

43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3
SHA512

11cd53fd3c46e428d1a10ad2fd474139afd1e8817396d8fc1bb964d0de6e1e5beb8c906a01eefcde42aa96c8b24f3c13a59bb5dcf02c05a300c4b050b1c2bd83
SSDEEP

6144:AHP7/GdouNeZrrfWYLCut9VAFkBtPKldzPYKLGJbdtDuG4:AHbG6uElreYLCuzEkXKldDNL4Bt14

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/1616-132-0x0000000001000000-0x000000000106A000-memory.dmp	upx

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4768 1616 WerFault.exe 43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe

pid	pid_target	process	target process
4768	1616	WerFault.exe	43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe

C:\Users\Admin\AppData\Local\Temp\43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe
"C:\Users\Admin\AppData\Local\Temp\43280d5ec7001717984f14afad9cae2b00eca6605d1d2ba02f83588cb36b2cb3.exe"
1⤵
PID:1616

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1616 -s 456
2⤵
- Program crash
PID:4768

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1616 -ip 1616
1⤵
PID:4812

memory/1616-132-0x0000000001000000-0x000000000106A000-memory.dmp

Filesize
424KB

Download