141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9

Analysis

max time kernel
148s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 21:24

Target

141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9.exe
Size

62KB
MD5

4564cb0d8ed101a6824e2a3150a49550
SHA1

9ac1969a38ada17593be343b6b8c640266a49b39
SHA256

141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9
SHA512

c9f2eb121c98c541aa84048e44132670d58099e6bcea4795ac506deab076f24d9efb437107532a164d7f332ca34b8e2dd72a3fcca747629f37a693366dcb1ee1
SSDEEP

1536:tHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVtWVQf:tHoLde/OgV432UcP39hXJZnWVQf

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral2/memory/4800-132-0x0000000000400000-0x0000000000428000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

Processes:

141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9.exe

description ioc process

File created C:\Windows\dextor32.exe 141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9.exe

description	ioc	process
File created	C:\Windows\dextor32.exe	141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9.exe

C:\Users\Admin\AppData\Local\Temp\141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9.exe
"C:\Users\Admin\AppData\Local\Temp\141a474add5efb2e3bc5a6f198582085f9bfda5a76e5b2b806707a892af791b9.exe"
1⤵
- Drops file in Windows directory
PID:4800

memory/4800-132-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download