77352f595cc60334321a6f9197e6c54604359096be951edec60a62bd8316a1e6

Analysis

max time kernel
489s
max time network
560s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
06/12/2022, 02:15

Target

77352f595cc60334321a6f9197e6c54604359096be951edec60a62bd8316a1e6.exe
Size

200KB
MD5

9aef0c3db5aad073351d599e3f173f44
SHA1

c1598848e46a0323b5ca495601a2a13848b3149b
SHA256

77352f595cc60334321a6f9197e6c54604359096be951edec60a62bd8316a1e6
SHA512

145771d3e739458c4447b869389aaed9e6cbba93a17ff8df8f688ee0cc17dbd26035b53d768cd19ff6e6f51eda519362fa627bff5c6e4c6417e7e26c99a918ab
SSDEEP

6144:sJcWYVD+Hi8ketyJt0aJKhBkzMn8JU4rTnC/YSPK:sJSVk9aSczMn6U4rTnC/YSPK

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1272-132-0x0000000000400000-0x00000000004A4000-memory.dmp	upx
behavioral2/memory/1272-133-0x0000000000400000-0x00000000004A4000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1272	77352f595cc60334321a6f9197e6c54604359096be951edec60a62bd8316a1e6.exe
1272	77352f595cc60334321a6f9197e6c54604359096be951edec60a62bd8316a1e6.exe

C:\Users\Admin\AppData\Local\Temp\77352f595cc60334321a6f9197e6c54604359096be951edec60a62bd8316a1e6.exe
"C:\Users\Admin\AppData\Local\Temp\77352f595cc60334321a6f9197e6c54604359096be951edec60a62bd8316a1e6.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1272

memory/1272-132-0x0000000000400000-0x00000000004A4000-memory.dmp

Filesize
656KB

Download
memory/1272-133-0x0000000000400000-0x00000000004A4000-memory.dmp

Filesize
656KB

Download