f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91

Analysis

max time kernel
152s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
04/12/2022, 10:03

Target

f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe
Size

316KB
MD5

1a08e356c507acaa7c58a0a8450c3d36
SHA1

5426bd458fd03e6a8aeaa2a9d744d4701b210343
SHA256

f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91
SHA512

1442358adedd6d00cb0b48c0d3f78a3b7c27715b79ca60819f6f73cc340feb26092eb9a2a7b3027debd6810db26117422e1320e0a018a5168960bef350a82298
SSDEEP

3072:43RLjrj7Nuoj0HsIX9hWpGfgbGzDcQ7onFxmOp7+j31n2siK4OU8O4QjRffc8Cr+:IGN1VF8nXmOs3lsjRffIStd7z

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3300-132-0x0000000000400000-0x0000000000450000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
3300	f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 3300 wrote to memory of 4032	3300	f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe	79
PID 3300 wrote to memory of 4032	3300	f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe	79
PID 3300 wrote to memory of 4032	3300	f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe	79
PID 3300 wrote to memory of 4032	3300	f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe	79
PID 3300 wrote to memory of 4032	3300	f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe	79
PID 3300 wrote to memory of 4032	3300	f12f75770dde6627db48ebd5c26bfff8aeb36b27b15ee11b74034dbd15ab6a91.exe	79

memory/3300-132-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/3300-133-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/3300-135-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/4032-136-0x0000000000C00000-0x0000000000C0E000-memory.dmp

Filesize
56KB

Download
memory/4032-137-0x0000000000CC0000-0x0000000000CC9000-memory.dmp

Filesize
36KB

Download
memory/4032-138-0x0000000000CC0000-0x0000000000CC9000-memory.dmp

Filesize
36KB

Download