05ed9a3cc598499c68098fd5bd436eeb198e65c188eac5628e82e45e682c0ef4

Analysis

max time kernel
150s
max time network
159s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 00:04

Target

4505f5e422319cf3d60f0c9dde419d65.exe
Size

1.0MB
MD5

4505f5e422319cf3d60f0c9dde419d65
SHA1

023a2158d7aa82c8552222a3237a693bf5b73609
SHA256

05ed9a3cc598499c68098fd5bd436eeb198e65c188eac5628e82e45e682c0ef4
SHA512

899f37b22537e9388e6ea937abbfc4453964d914918735276d7f0c7fd61479364795015a18c1551d42a26fd324de0b7cbaf9240a81938d2111e5b25af38658c6
SSDEEP

24576:tX/ZCxVEf8lVjvrQQks+IijZTEhxU+oDemQJYtjrKU:FxCqY40i1ghboD/aYNK

Score

7^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2780-0-0x0000000000400000-0x0000000000707000-memory.dmp	upx
behavioral1/memory/2780-3-0x0000000000400000-0x0000000000707000-memory.dmp	upx
behavioral1/memory/2780-4-0x0000000000400000-0x0000000000707000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2780	4505f5e422319cf3d60f0c9dde419d65.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2780	4505f5e422319cf3d60f0c9dde419d65.exe

memory/2780-0-0x0000000000400000-0x0000000000707000-memory.dmp

Filesize
3.0MB

Download
memory/2780-1-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2780-2-0x0000000003190000-0x0000000003191000-memory.dmp

Filesize
4KB

Download
memory/2780-3-0x0000000000400000-0x0000000000707000-memory.dmp

Filesize
3.0MB

Download
memory/2780-4-0x0000000000400000-0x0000000000707000-memory.dmp

Filesize
3.0MB

Download
memory/2780-5-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2780-7-0x0000000003190000-0x0000000003191000-memory.dmp

Filesize
4KB

Download