91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28

Analysis

max time kernel
23s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02/12/2022, 17:08

Target

91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28.exe
Size

12KB
MD5

4f492fbac8eb07b7e43e98d4cb8c9f20
SHA1

16d339c6b4938802e3de647af26effcbdb3a97b7
SHA256

91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28
SHA512

ec500ec36724bb8e00c4a50d758be4574bfb2b1e2d78e760c271d7269ea8a252198d1326ae781364887ce00f5dbe9057cd0bd0eec1cb3fca6d4f8e00024f57a0
SSDEEP

384:Kk1JR/RHYinZv7FWrHo+J1RdotRGe5yZIf:KCJR/9YiIVJ9otd5yu

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1368-55-0x0000000000400000-0x000000000040C000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
1368	91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28.exe
1368	91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28.exe
1368	91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28.exe

C:\Users\Admin\AppData\Local\Temp\91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28.exe
"C:\Users\Admin\AppData\Local\Temp\91581b69805c50acff26771b13608279a8ff2bba170033fefdf7ca67f00bfd28.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1368

memory/1368-54-0x0000000075501000-0x0000000075503000-memory.dmp

Filesize
8KB

Download
memory/1368-55-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download