90bd9e3fe2c2b4d66d72a8d1df47a6c72c17a8029b0394d48879bce0083bc870

Analysis

max time kernel
163s
max time network
224s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 15:49

Target

90bd9e3fe2c2b4d66d72a8d1df47a6c72c17a8029b0394d48879bce0083bc870.exe
Size

964KB
MD5

2dc3eba26af65086f1886f94104736ab
SHA1

8ea3dfcfd001d5402b2424572a6f6b8fc8954005
SHA256

90bd9e3fe2c2b4d66d72a8d1df47a6c72c17a8029b0394d48879bce0083bc870
SHA512

2f2c6feaaf9726a7381b1ccdb086b6c20f2412efa45567ecb7fd085f2fd10525e4926db76627e139b1e1cf75ab5e36d43711795a134a2b92167e6354881eb7aa
SSDEEP

24576:9F2cX3Oo/fMYY4v8pK0riKiRIh6SSKjbwKUoOwiE4A:NnOotrmiSMSSK/fVj4A

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/624-132-0x0000000000400000-0x0000000000426000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
624	90bd9e3fe2c2b4d66d72a8d1df47a6c72c17a8029b0394d48879bce0083bc870.exe
624	90bd9e3fe2c2b4d66d72a8d1df47a6c72c17a8029b0394d48879bce0083bc870.exe

C:\Users\Admin\AppData\Local\Temp\90bd9e3fe2c2b4d66d72a8d1df47a6c72c17a8029b0394d48879bce0083bc870.exe
"C:\Users\Admin\AppData\Local\Temp\90bd9e3fe2c2b4d66d72a8d1df47a6c72c17a8029b0394d48879bce0083bc870.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:624

memory/624-132-0x0000000000400000-0x0000000000426000-memory.dmp

Filesize
152KB

Download