79c9a1cf720d4516d2248e514574ab4ea8928cc0e2402f077aa5d1d17f104b22

Analysis

max time kernel
3s
max time network
32s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
01/12/2022, 13:22

Target

79c9a1cf720d4516d2248e514574ab4ea8928cc0e2402f077aa5d1d17f104b22.exe
Size

84KB
MD5

c5a135d92778595a59712bca5386c331
SHA1

d3ef31041ac67b353bafddb9536f8c3e384dd9b4
SHA256

79c9a1cf720d4516d2248e514574ab4ea8928cc0e2402f077aa5d1d17f104b22
SHA512

cf01055c83538c973b3d63912637622bbe354abc5949749bd87add772ac89ab1ff404ff47f69f9a9d3fba407b735eb7089371ea53feecf19d7aea0e0c0c0a013
SSDEEP

1536:vtHkjNMMQMB8Yno96OLnFz4e1/AmE9sIN17GCxwL0gqHM:FDMQMaYo9gW/AmEn7jxwLT

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1224-54-0x0000000000400000-0x0000000000435000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
1224	79c9a1cf720d4516d2248e514574ab4ea8928cc0e2402f077aa5d1d17f104b22.exe

C:\Users\Admin\AppData\Local\Temp\79c9a1cf720d4516d2248e514574ab4ea8928cc0e2402f077aa5d1d17f104b22.exe
"C:\Users\Admin\AppData\Local\Temp\79c9a1cf720d4516d2248e514574ab4ea8928cc0e2402f077aa5d1d17f104b22.exe"
1⤵
- Suspicious use of UnmapMainImage
PID:1224

memory/1224-54-0x0000000000400000-0x0000000000435000-memory.dmp

Filesize
212KB

Download
memory/1224-56-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download
memory/1224-59-0x0000000075C41000-0x0000000075C43000-memory.dmp

Filesize
8KB

Download
memory/1224-60-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download