9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4

Analysis

max time kernel
34s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
03/12/2022, 16:34 UTC

Target

9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4.exe
Size

124KB
MD5

f148360af4e37eb65f6e775f34db46a9
SHA1

7dbb6b4803ffbd640461487a3de28f37dc5946c3
SHA256

9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4
SHA512

ba4c18b0375fcd0c7f6cd0766b14a6c6a0d48bdfe69917d22b135cc72668d26fbb0e477314da6c8d30d104025102c0bed45f987f82eef37c13f466965453595c
SSDEEP

1536:KaMmKEB9SeVOkNV9qpAUY539HpWwmgNkww5lx5lvLvEWgDAgvWSrliTR+03sfcW:U29xzP53PWwnzelxEA8rlK+09

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1712-54-0x0000000000400000-0x0000000000460000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1640	1712	WerFault.exe	19

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1712 wrote to memory of 1640	1712	9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4.exe	27
PID 1712 wrote to memory of 1640	1712	9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4.exe	27
PID 1712 wrote to memory of 1640	1712	9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4.exe	27
PID 1712 wrote to memory of 1640	1712	9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4.exe	27

C:\Users\Admin\AppData\Local\Temp\9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4.exe
"C:\Users\Admin\AppData\Local\Temp\9e5f824e9b86d83dd355941e42ccbce7dcdd7d1289ebf64be56b5a24b48909e4.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1712
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1712 -s 36
  2⤵
  - Program crash
  PID:1640

memory/1712-54-0x0000000000400000-0x0000000000460000-memory.dmp

Filesize
384KB

Download