79eb3f95a754513fd14d2a39a0ea29a09df9ea974c7e0b0497874eb51da1e717

Analysis

max time kernel
150s
max time network
153s
platform
windows7_x64
resource
win7-20231020-en
resource tags

arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
submitted
04/11/2023, 14:38

Target

NEAS.04e14fb48013da1f358663c254442840.exe
Size

4KB
MD5

04e14fb48013da1f358663c254442840
SHA1

541b9705a2769074425b4eeacd4752da954c03f5
SHA256

79eb3f95a754513fd14d2a39a0ea29a09df9ea974c7e0b0497874eb51da1e717
SHA512

e2676e878a3d310a8adedb76654cf5d0a5b17c9caa06444a6e218b2ed88494e8e202a232aebe23480d3ebda84e0249237fdce0894440af8e700631d60c237fe3

Score

7^/10

upx

UPX packed file 16 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2508-0-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-1-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-2-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-3-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-4-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-5-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-6-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-7-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-8-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-9-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-10-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-11-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-12-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-13-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-14-0x0000000000400000-0x0000000000407000-memory.dmp	upx
behavioral1/memory/2508-15-0x0000000000400000-0x0000000000407000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\NEAS.04e14fb48013da1f358663c254442840.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.04e14fb48013da1f358663c254442840.exe"
1⤵
PID:2508

memory/2508-0-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-1-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-2-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-3-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-4-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-5-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-6-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-7-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-8-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-9-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-10-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-11-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-12-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-13-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-14-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2508-15-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download