6d7821a4006f342ce06d72b0ea732ee1f7a6b29bb4f3aaa0b362949a9c941ec1

Analysis

max time kernel
144s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 15:46

Target

2a73f42f519710e596c561ff6207682b.exe
Size

4.0MB
MD5

2a73f42f519710e596c561ff6207682b
SHA1

dcfbd0a7179845de44fe9723f93766d474826452
SHA256

6d7821a4006f342ce06d72b0ea732ee1f7a6b29bb4f3aaa0b362949a9c941ec1
SHA512

75839a4c1b53836350fdfdbf5bbbb08a911843a956f089dc4bce24b7c1c3fb82a9aeccab0f4aa5ad30b184eaa06de26ed34e10d22e9922068ec4b99e41eff42d
SSDEEP

98304:43lZcS44lJH2PGb1GFIJ4jfbYGaXIMxaV99cQrRkTlLLp:2ZcS44lJegzJ4jTYGaXBxic/

Score

7^/10

upx

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
behavioral2/files/0x0007000000023210-1.dat	acprotect

Loads dropped DLL 1 IoCs

pid	Process
3004	2a73f42f519710e596c561ff6207682b.exe

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/3004-5-0x0000000010000000-0x0000000010261000-memory.dmp	upx
behavioral2/files/0x0007000000023210-1.dat	upx
behavioral2/memory/3004-6-0x0000000010000000-0x0000000010261000-memory.dmp	upx
behavioral2/memory/3004-8-0x0000000010000000-0x0000000010261000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\2a73f42f519710e596c561ff6207682b.exe
"C:\Users\Admin\AppData\Local\Temp\2a73f42f519710e596c561ff6207682b.exe"
1⤵
- Loads dropped DLL
PID:3004

C:\Users\Admin\AppData\Local\Temp\htmlayout.dll

Filesize
385KB

MD5
4342c77753b62ba56cda6ec2cbce3fea

SHA1
f5c0e4312f3291487dae54b4fd74819a57b7b8a2

SHA256
f4f2195663d94553f0411bd064cc057d294ac3b9153ec38a6dcb096a25e67ac1

SHA512
50163bf208d67690a8506015dc0ba2eb7d9762ec84789bd85d08ade86418c6428c93418c5b5e9dcab39ef78b87b1a7759578131a2b40cf3936fa24d7f9ccb6ec

Download Submit
memory/3004-5-0x0000000010000000-0x0000000010261000-memory.dmp

Filesize
2.4MB

Download
memory/3004-6-0x0000000010000000-0x0000000010261000-memory.dmp

Filesize
2.4MB

Download
memory/3004-8-0x0000000010000000-0x0000000010261000-memory.dmp

Filesize
2.4MB

Download