939eaaef30992e0130e27c73ceb03908d49eb7821cae1199289223ecb60ef094

Analysis

max time kernel
14s
max time network
31s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
02/12/2022, 17:57

Target

939eaaef30992e0130e27c73ceb03908d49eb7821cae1199289223ecb60ef094.exe
Size

25KB
MD5

8b0c8813229bdce3949ac9553bd95501
SHA1

23159d1f52c31be72887dce18ade2fd83f42ce24
SHA256

939eaaef30992e0130e27c73ceb03908d49eb7821cae1199289223ecb60ef094
SHA512

4a2a2979fdd32165c6bf50d571d72b6948d553480ab4eeb7d750d4cc0fab4b902ea8cb598b6d5c07320e1ca13c4c5a51e724dc6a66adc49bb1a3058968d33fc0
SSDEEP

768:9KvHHeZ6Oe4E2lYaW5aKNFvDaiDNzsI5uH:9KPe4Oe4EZDIAvDh75uH

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1060-56-0x0000000000400000-0x0000000000410000-memory.dmp	upx
behavioral1/memory/1060-57-0x0000000000400000-0x0000000000410000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1060	939eaaef30992e0130e27c73ceb03908d49eb7821cae1199289223ecb60ef094.exe

C:\Users\Admin\AppData\Local\Temp\939eaaef30992e0130e27c73ceb03908d49eb7821cae1199289223ecb60ef094.exe
"C:\Users\Admin\AppData\Local\Temp\939eaaef30992e0130e27c73ceb03908d49eb7821cae1199289223ecb60ef094.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1060

memory/1060-56-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download
memory/1060-57-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download