7da42c483b56b79b7f0e0a9b2e8b9f04ce93a9074b14c42d2d8a8199645c07b0

Analysis

max time kernel
142s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
03/12/2022, 08:12

Target

7da42c483b56b79b7f0e0a9b2e8b9f04ce93a9074b14c42d2d8a8199645c07b0.exe
Size

763KB
MD5

1635ee6b710a9f1269cbc918a273d5f0
SHA1

6317c75bc6aafbd1587a34402f9f7494e5e4d989
SHA256

7da42c483b56b79b7f0e0a9b2e8b9f04ce93a9074b14c42d2d8a8199645c07b0
SHA512

f1aa01df782c1137fd7034d2512904bd01858ec0375579750a6fa8bc6060161143a6d9369e0e33b7f1f6456e4a305dd1cc9e5697a0e828c1e28603a183a0a0ee
SSDEEP

12288:9g9PNCiM7hAA2cqWaERQis+a+woL+iZ6YYsYAews3ifQDot4Fbq2GwT+q8gaK+Qt:q9P8iAhFaER3s+RWi4hDbifnGywJ8gX9

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/2692-132-0x0000000000400000-0x0000000000668000-memory.dmp	upx
behavioral2/memory/2692-133-0x0000000000400000-0x0000000000668000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4516	2692	WerFault.exe	80

C:\Users\Admin\AppData\Local\Temp\7da42c483b56b79b7f0e0a9b2e8b9f04ce93a9074b14c42d2d8a8199645c07b0.exe
"C:\Users\Admin\AppData\Local\Temp\7da42c483b56b79b7f0e0a9b2e8b9f04ce93a9074b14c42d2d8a8199645c07b0.exe"
1⤵
PID:2692
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2692 -s 552
  2⤵
  - Program crash
  PID:4516

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 2692 -ip 2692
1⤵
PID:3980

memory/2692-132-0x0000000000400000-0x0000000000668000-memory.dmp

Filesize
2.4MB

Download
memory/2692-133-0x0000000000400000-0x0000000000668000-memory.dmp

Filesize
2.4MB

Download