90737d685b5b19839ac48cf58be33e88a9ae78cbcb11632c079bdff17329a92a

Analysis

max time kernel
45s
max time network
50s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
04/12/2022, 06:41

Target

90737d685b5b19839ac48cf58be33e88a9ae78cbcb11632c079bdff17329a92a.exe
Size

6KB
MD5

5f98c313c3955d20009a55fb149aeb16
SHA1

1f1a3d0e18237760b90fd9340862777b5e53ad9b
SHA256

90737d685b5b19839ac48cf58be33e88a9ae78cbcb11632c079bdff17329a92a
SHA512

5f95a8056a75833aa5c1ff4d02613499ee9c08a2c6928646eafd97e23b87cc730f93cc0c1efbc3341b3a187c3d7c900b043819cc9ddc366c98a33cb7a95c980b
SSDEEP

96:965jCEpf6tmzPMVJ6Jpv7W4BRlLpMEfWtIWx:9jEAiM6JpvCODXfkz

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1324-56-0x0000000000400000-0x0000000000407200-memory.dmp	upx

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1324	90737d685b5b19839ac48cf58be33e88a9ae78cbcb11632c079bdff17329a92a.exe

C:\Users\Admin\AppData\Local\Temp\90737d685b5b19839ac48cf58be33e88a9ae78cbcb11632c079bdff17329a92a.exe
"C:\Users\Admin\AppData\Local\Temp\90737d685b5b19839ac48cf58be33e88a9ae78cbcb11632c079bdff17329a92a.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1324

memory/1324-56-0x0000000000400000-0x0000000000407200-memory.dmp

Filesize
28KB

Download