65f53ea0503b4c2337744b1560725f876051bb60cfb8732a4ba15cec25031644

Analysis

max time kernel
187s
max time network
197s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
05-12-2022 23:57

Target

65f53ea0503b4c2337744b1560725f876051bb60cfb8732a4ba15cec25031644.exe
Size

69KB
MD5

f4873be80cddca67182ef18f23b2ce04
SHA1

157ceee928b450fd37c09ff6bd1bcfe89faeb247
SHA256

65f53ea0503b4c2337744b1560725f876051bb60cfb8732a4ba15cec25031644
SHA512

46fe57b29c26fe3af3a4d471646fe1c668eff384f4ce94bde4f345316ae637ca50138a44f15c49902a30447c4b9cc1ac84a77bcc4117792d73deeb72b8e9019f
SSDEEP

768:1/QylE1SFXdNUAt54wabdemK1WBrlRwf9LKQmikuP+91CUdv4oCXQaD94zBZLD:1Zl3FtGA54lbP/PiKQjyoUdQoCwX

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4620-132-0x0000000000400000-0x0000000000413000-memory.dmp	upx
behavioral2/memory/4620-133-0x0000000000400000-0x0000000000413000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 4 IoCs

C:\Users\Admin\AppData\Local\Temp\65f53ea0503b4c2337744b1560725f876051bb60cfb8732a4ba15cec25031644.exe
"C:\Users\Admin\AppData\Local\Temp\65f53ea0503b4c2337744b1560725f876051bb60cfb8732a4ba15cec25031644.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4620

memory/4620-132-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download
memory/4620-133-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download