89695aa47b493ba4c9c5de9b36f87977aca40c487c6e16b37e26421c876c4a56

Analysis

max time kernel
61s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
27-12-2022 03:51

Target

89695aa47b493ba4c9c5de9b36f87977aca40c487c6e16b37e26421c876c4a56.exe
Size

707KB
MD5

ec6dadfe3b7bcad4ab171d1a5a7b16de
SHA1

22b7d0c4db0a691dc1206f6d0335f34cc2dcd791
SHA256

89695aa47b493ba4c9c5de9b36f87977aca40c487c6e16b37e26421c876c4a56
SHA512

c5271daa50b8917285e080b6a57072f2000f974aa8dd36716d2b726dcb6617b8bdf2932fe9a7d1b8c6c8d4b4655b884d53c01f6c9344089c2658ea4b45814fa8
SSDEEP

12288:fYV6MorX7qzuC3QHO9FQVHPF51jgcPXYjfPa+UgUDrcLKkAHJA2/iq:sBXu9HGaVHPX2qc2tA2/iq

Score

8^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4108-132-0x00000000002E0000-0x0000000000463000-memory.dmp	upx
behavioral2/memory/4108-133-0x00000000002E0000-0x0000000000463000-memory.dmp	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
behavioral2/memory/4108-133-0x00000000002E0000-0x0000000000463000-memory.dmp	autoit_exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4108	89695aa47b493ba4c9c5de9b36f87977aca40c487c6e16b37e26421c876c4a56.exe

C:\Users\Admin\AppData\Local\Temp\89695aa47b493ba4c9c5de9b36f87977aca40c487c6e16b37e26421c876c4a56.exe
"C:\Users\Admin\AppData\Local\Temp\89695aa47b493ba4c9c5de9b36f87977aca40c487c6e16b37e26421c876c4a56.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:4108

memory/4108-132-0x00000000002E0000-0x0000000000463000-memory.dmp

Filesize
1.5MB

Download
memory/4108-133-0x00000000002E0000-0x0000000000463000-memory.dmp

Filesize
1.5MB

Download