929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe

Analysis

max time kernel
190s
max time network
194s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
29/11/2022, 05:19

Target

929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe.exe
Size

4.8MB
MD5

6d1c4e5c30f498e2f01defa3866f22ee
SHA1

cf7b1301ae7a2909b5d1d8f95ce63b9028ae4bf8
SHA256

929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe
SHA512

78ee316dc7c4229fb7b81562ab7964b048add1ea732159e9479d3a5d9de160996d3fa88c99c2030825c63e04a688ada4a72eaa55df17de543cefe202d113f8df
SSDEEP

98304:BnsEjHMmH+xmSsydz2PHo6fXxyVVVt2rvlZ8GNd62216coznYrhU0hMsG9R:BsYr+xmSskiHo65yLVslZZHNYDMsGD

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4656-132-0x0000000000400000-0x0000000000597000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4656	929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe.exe

C:\Users\Admin\AppData\Local\Temp\929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe.exe
"C:\Users\Admin\AppData\Local\Temp\929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4656

memory/4656-132-0x0000000000400000-0x0000000000597000-memory.dmp

Filesize
1.6MB

Download
memory/4656-133-0x0000000000710000-0x0000000000716000-memory.dmp

Filesize
24KB

Download
memory/4656-134-0x0000000000400000-0x0000000000597000-memory.dmp

Filesize
1.6MB

Download
memory/4656-138-0x0000000000400000-0x0000000000597000-memory.dmp

Filesize
1.6MB

Download