93b7ae765cc5089b7e807fcd773ce948721096e3e24e86198064157846e3e712

Analysis

max time kernel
205s
max time network
208s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
01/12/2022, 00:36

Target

93b7ae765cc5089b7e807fcd773ce948721096e3e24e86198064157846e3e712.exe
Size

101KB
MD5

72eeccd6de75f018b53a1be72055c5d0
SHA1

1e64b79fc0432f7953f05c2b600a60287339db5b
SHA256

93b7ae765cc5089b7e807fcd773ce948721096e3e24e86198064157846e3e712
SHA512

b854dc9a6e6e98c120ab46bdc56d351b4a06a7bec703006bf7b435e290201f64fe80209d4c79ce170574d4f54828b0c2930517c5b82c9b1671469406f357f54d
SSDEEP

1536:jmI0pGA9QFZOwv61HW1LItmK/+WLPPyKN7MWpqX4a7prh2ZVJUELyoERrKKlr:KIs9QBv2HWBImgyKN/4FAVJlz0rpl

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/792-132-0x0000000000400000-0x000000000046F000-memory.dmp	upx
behavioral2/memory/792-133-0x0000000000400000-0x000000000046F000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3312	792	WerFault.exe	80

C:\Users\Admin\AppData\Local\Temp\93b7ae765cc5089b7e807fcd773ce948721096e3e24e86198064157846e3e712.exe
"C:\Users\Admin\AppData\Local\Temp\93b7ae765cc5089b7e807fcd773ce948721096e3e24e86198064157846e3e712.exe"
1⤵
PID:792
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 792 -s 260
  2⤵
  - Program crash
  PID:3312

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 792 -ip 792
1⤵
PID:1412

memory/792-132-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/792-133-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download