1f09600912d9ccd646f76426bb9e950f18ea3e2e6d583a472a9effa8180d7cc5

Analysis

max time kernel
119s
max time network
127s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
04/11/2023, 21:36

Target

NEAS.48de9010a5c35a58b907261232743960_JC.exe
Size

58KB
MD5

48de9010a5c35a58b907261232743960
SHA1

1e7a9d8eb335fa130a554ae1c218709a9ee47798
SHA256

1f09600912d9ccd646f76426bb9e950f18ea3e2e6d583a472a9effa8180d7cc5
SHA512

50b75d8e6a00ae812cd2a03b824bcc3c5da2a81a540831b27410acaa22d892b5a235965c393d43d06750dbc2b19b89b943a04890f5873051289219bb76bdcffd
SSDEEP

1536:tHoSCdeVMCT6ggMw4Y7FgG2xV89mTr39w6XJJzVtW4Sk:tHoLde/OgV432UcP39hXJZnW4x

Score

7^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1392-0-0x0000000000400000-0x0000000000428000-memory.dmp	upx
behavioral1/files/0x0007000000015c32-5.dat	upx
behavioral1/memory/1392-102-0x0000000000400000-0x0000000000428000-memory.dmp	upx

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\dextor32.exe	NEAS.48de9010a5c35a58b907261232743960_JC.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.48de9010a5c35a58b907261232743960_JC.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.48de9010a5c35a58b907261232743960_JC.exe"
1⤵
- Drops file in Windows directory
PID:1392

C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe

Filesize
58KB

MD5
48de9010a5c35a58b907261232743960

SHA1
1e7a9d8eb335fa130a554ae1c218709a9ee47798

SHA256
1f09600912d9ccd646f76426bb9e950f18ea3e2e6d583a472a9effa8180d7cc5

SHA512
50b75d8e6a00ae812cd2a03b824bcc3c5da2a81a540831b27410acaa22d892b5a235965c393d43d06750dbc2b19b89b943a04890f5873051289219bb76bdcffd

Download Submit
memory/1392-0-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/1392-102-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download