e0fd64b900d5e1582f053dde05b835f26f2331015729f8db3aba022fe4adebac

Analysis

max time kernel
142s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 06:39

Target

5a29668c068ced8c00062eef9e813c9d.exe
Size

920KB
MD5

5a29668c068ced8c00062eef9e813c9d
SHA1

721fdaa9507c09d384ef1cc218932a014c06a9f3
SHA256

e0fd64b900d5e1582f053dde05b835f26f2331015729f8db3aba022fe4adebac
SHA512

d8e619baab36e1f0b47da9391d8e064d5136b732c2fdbdda098147e7d89ad83b71d0a3c9636f0e5fa858e357fdc2619d9617f5b5c790aab67b17c26ff4f9ac37
SSDEEP

24576:8IvOwSYicxAeOUjHiRBJ1rns8HG48jy+XCiJsz6Pg8:ChcxAejjCRlrsy/l+SiJsz648

Score

7^/10

upx

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1172-3-0x0000000010000000-0x0000000010020000-memory.dmp	upx
behavioral2/memory/1172-4-0x0000000010000000-0x0000000010020000-memory.dmp	upx
behavioral2/memory/1172-2-0x0000000010000000-0x0000000010020000-memory.dmp	upx
behavioral2/memory/1172-0-0x0000000010000000-0x0000000010020000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2996	1172	WerFault.exe	78

C:\Users\Admin\AppData\Local\Temp\5a29668c068ced8c00062eef9e813c9d.exe
"C:\Users\Admin\AppData\Local\Temp\5a29668c068ced8c00062eef9e813c9d.exe"
1⤵
PID:1172
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1172 -s 228
  2⤵
  - Program crash
  PID:2996

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 356 -p 1172 -ip 1172
1⤵
PID:4968

memory/1172-3-0x0000000010000000-0x0000000010020000-memory.dmp

Filesize
128KB

Download
memory/1172-4-0x0000000010000000-0x0000000010020000-memory.dmp

Filesize
128KB

Download
memory/1172-2-0x0000000010000000-0x0000000010020000-memory.dmp

Filesize
128KB

Download
memory/1172-0-0x0000000010000000-0x0000000010020000-memory.dmp

Filesize
128KB

Download