dbc16b7c78433e76eeee0d91466d3a4ae25f132029cd14ee176f6e9bd45fe6e5

Analysis

max time kernel
144s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2023 07:25

Target

5c63698ef1951bdcbea614aa61b4ad2b.exe
Size

68KB
MD5

5c63698ef1951bdcbea614aa61b4ad2b
SHA1

ab882aa36fb54059bcda74f8aef03ca490e702ff
SHA256

dbc16b7c78433e76eeee0d91466d3a4ae25f132029cd14ee176f6e9bd45fe6e5
SHA512

319a94689f339f81821dc18644a92b643586018895673b897bca08190c374d04fe27394a55ab1b7048b1d94b1733cab94250b447845e24d3f5370d69a5f2d4f5
SSDEEP

768:I4eVV/xiUDmQNl6ru1cYB2JhdirnQTTGf9nU0LYZYRfGP73EgqSzo9xKOcV2qPeo:ItnDmAxkqq++0LYZufGP7wTQ2qLl

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4360-0-0x0000000000400000-0x000000000041A000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
4360	5c63698ef1951bdcbea614aa61b4ad2b.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 4360 wrote to memory of 1800	4360	5c63698ef1951bdcbea614aa61b4ad2b.exe	16
PID 4360 wrote to memory of 1800	4360	5c63698ef1951bdcbea614aa61b4ad2b.exe	16
PID 4360 wrote to memory of 1800	4360	5c63698ef1951bdcbea614aa61b4ad2b.exe	16
PID 4360 wrote to memory of 1800	4360	5c63698ef1951bdcbea614aa61b4ad2b.exe	16
PID 4360 wrote to memory of 1800	4360	5c63698ef1951bdcbea614aa61b4ad2b.exe	16

memory/4360-0-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download
memory/4360-3-0x0000000002280000-0x000000000228E000-memory.dmp

Filesize
56KB

Download
memory/4360-2-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/4360-1-0x0000000000580000-0x0000000000581000-memory.dmp

Filesize
4KB

Download