765ab8fd3605fb6ecd0dd70507d3a21f5a49e21f4dd0b369767d7bf364a3fda4

Analysis

max time kernel
163s
max time network
201s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 12:35

Target

6eec719e104b53e6311ea935d32b3fc7.exe
Size

90KB
MD5

6eec719e104b53e6311ea935d32b3fc7
SHA1

4abe9c0c281465a1fa2a178d371c901c084e3791
SHA256

765ab8fd3605fb6ecd0dd70507d3a21f5a49e21f4dd0b369767d7bf364a3fda4
SHA512

962957215e4b66ea55fde8b4d689bdec3b063610bb83886620b0219db4920cb72800a49718ddbf5c51101df157aac92e3241fbe62da54db1e619d466e076ab8d
SSDEEP

1536:AAsqhD+MFIoGMfa4PhAJkAluAOv2xMbwp+uaEst7ez5WnmP6XOSLr+k/8YjF:AAsqplIo9pAluAdM8aEsxez5WnCpCh/p

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/864-0-0x0000000000400000-0x0000000000425000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
864	6eec719e104b53e6311ea935d32b3fc7.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 864 wrote to memory of 4592	864	6eec719e104b53e6311ea935d32b3fc7.exe	89
PID 864 wrote to memory of 4592	864	6eec719e104b53e6311ea935d32b3fc7.exe	89
PID 864 wrote to memory of 4592	864	6eec719e104b53e6311ea935d32b3fc7.exe	89
PID 864 wrote to memory of 4592	864	6eec719e104b53e6311ea935d32b3fc7.exe	89
PID 864 wrote to memory of 4592	864	6eec719e104b53e6311ea935d32b3fc7.exe	89

memory/864-0-0x0000000000400000-0x0000000000425000-memory.dmp

Filesize
148KB

Download
memory/864-1-0x00000000004C0000-0x00000000004C1000-memory.dmp

Filesize
4KB

Download
memory/864-3-0x0000000000A10000-0x0000000000A22000-memory.dmp

Filesize
72KB

Download
memory/864-5-0x0000000000400000-0x0000000000425000-memory.dmp

Filesize
148KB

Download
memory/864-6-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/864-7-0x0000000000420000-0x000000000042E000-memory.dmp

Filesize
56KB

Download
memory/864-8-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download