37da586317af4f44f2e9fd16890394b5ff04c08216e179a7b9ab9182241a580e

Analysis

max time kernel
141s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 23:49

Target

44528d30c65c418459f6fad926d50612.exe
Size

355KB
MD5

44528d30c65c418459f6fad926d50612
SHA1

21212d01fc86dcc74f790820db47a25aea5bb484
SHA256

37da586317af4f44f2e9fd16890394b5ff04c08216e179a7b9ab9182241a580e
SHA512

d7b7828a166bb73d2d2f450bc412609f0781ca76cd0fd348925f30927c657296f6e4520c4ba6b1a9c67d3d702dbcc2af07c13e4b3d077714fcb4d2bdcda588e4
SSDEEP

6144:EQg6R6F9j4z7WHf09RbMOs02+NfOV9ddrFm6UvjaEo+8NfWxU5m1nqSZK3LR:Jg6ZzS89qODdG9ddrILrCfWxwP3LR

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2204-0-0x0000000000400000-0x00000000004DB000-memory.dmp	upx
behavioral1/memory/2204-2-0x0000000000400000-0x00000000004DB000-memory.dmp	upx

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
2204	44528d30c65c418459f6fad926d50612.exe
2204	44528d30c65c418459f6fad926d50612.exe

Suspicious use of SendNotifyMessage 2 IoCs

pid	Process
2204	44528d30c65c418459f6fad926d50612.exe
2204	44528d30c65c418459f6fad926d50612.exe

memory/2204-0-0x0000000000400000-0x00000000004DB000-memory.dmp

Filesize
876KB

Download
memory/2204-1-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2204-2-0x0000000000400000-0x00000000004DB000-memory.dmp

Filesize
876KB

Download
memory/2204-4-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download