81044097cfc4db68db01154649a8ba40a4100457b38128ba4851ca508bd0ef95

Analysis

max time kernel
178s
max time network
196s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
04/12/2022, 07:05

Target

81044097cfc4db68db01154649a8ba40a4100457b38128ba4851ca508bd0ef95.exe
Size

51KB
MD5

f84115f572ced3428ace44292d3f9b03
SHA1

928a2260042630847972bdbf2448c53611900edb
SHA256

81044097cfc4db68db01154649a8ba40a4100457b38128ba4851ca508bd0ef95
SHA512

679fc19283d7bb23006f54c5c59114050eea329f7c6f1887edc48daba14a481cd879c24b2bbf1ff3662463e88733561cbf33db897507b4d65212552397a96710
SSDEEP

768:kCFGrQHGwqqovkDPsrZQMnCsy+tQ33q1nXMctKPhL+k2Ct3TIaEc1BrwYM4f3bK/:9HGwaceQ4Cxe8FctQhv2Ct0qLrwYV/bw

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1060-134-0x0000000000400000-0x000000000041B000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4444	1060	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\81044097cfc4db68db01154649a8ba40a4100457b38128ba4851ca508bd0ef95.exe
"C:\Users\Admin\AppData\Local\Temp\81044097cfc4db68db01154649a8ba40a4100457b38128ba4851ca508bd0ef95.exe"
1⤵
PID:1060
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1060 -s 1768
  2⤵
  - Program crash
  PID:4444

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 1060 -ip 1060
1⤵
PID:2128

memory/1060-132-0x0000000000690000-0x00000000006AB000-memory.dmp

Filesize
108KB

Download
memory/1060-133-0x0000000002050000-0x000000000206B000-memory.dmp

Filesize
108KB

Download
memory/1060-134-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download