e7c70c2245524022b025ef330e63002c7c0f0494a99e8cd0de4bb441e108d078

Analysis

max time kernel
95s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
04-12-2022 04:57

Target

e7c70c2245524022b025ef330e63002c7c0f0494a99e8cd0de4bb441e108d078.exe
Size

228KB
MD5

3d74a1967c38b8f13ff7914f85cd561f
SHA1

adf8c596567cd0ce44935e1ff039f9ff8b5f908b
SHA256

e7c70c2245524022b025ef330e63002c7c0f0494a99e8cd0de4bb441e108d078
SHA512

f4f8338aa22ad5c8e95d0c3eab788f217d39e18cfac40fe5a3a09158dc7cb7b23b1271d0f8a00148c5c95b9de861bf5ac38e03fab7303676c02f71164baffbb3
SSDEEP

6144:Rvc3UZV9VQ/bsCq1+IKDNHxZhFIiQFBTQplbm:F/5VEyMfxZFInB66

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/928-132-0x0000000000400000-0x000000000043A000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4852	928	WerFault.exe	78

C:\Users\Admin\AppData\Local\Temp\e7c70c2245524022b025ef330e63002c7c0f0494a99e8cd0de4bb441e108d078.exe
"C:\Users\Admin\AppData\Local\Temp\e7c70c2245524022b025ef330e63002c7c0f0494a99e8cd0de4bb441e108d078.exe"
1⤵
PID:928
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 928 -s 728
  2⤵
  - Program crash
  PID:4852

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 928 -ip 928
1⤵
PID:4892

memory/928-132-0x0000000000400000-0x000000000043A000-memory.dmp

Filesize
232KB

Download
memory/928-134-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download
memory/928-137-0x0000000000400000-0x000000000043A000-memory.dmp

Filesize
232KB

Download
memory/928-138-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download