37a06220c970820419b4d2757c7c676503db281e88340a661b8a90873965387b

Analysis

max time kernel
147s
max time network
134s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
29/12/2023, 18:29

Target

007f58587cca200e547226a5d3d94f8c.exe
Size

1.3MB
MD5

007f58587cca200e547226a5d3d94f8c
SHA1

2577cdf3697e801fbc2ef2d9c1087434e24f3907
SHA256

37a06220c970820419b4d2757c7c676503db281e88340a661b8a90873965387b
SHA512

a70af449240abe43cec50c5b23ff2b1d043ec5131f542a80facfaeb42267cd98f9ea7fcd4a6f8a38de1bf509c7b404d57f49b784ac183ee43d8009a6d832cd1e
SSDEEP

24576:tFJhGEb/znDJT9dSUe5GioXE9fnGEyrK7MA0qqKzyduINLCtNU9/9Us:ttdBdh8fOEBU9TtF5CteR9j

Score

7^/10

upx

Deletes itself 1 IoCs

pid	Process
5336	007f58587cca200e547226a5d3d94f8c.exe

Executes dropped EXE 1 IoCs

pid	Process
5336	007f58587cca200e547226a5d3d94f8c.exe

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/5336-13-0x0000000000400000-0x00000000008E7000-memory.dmp	upx
behavioral2/memory/2712-0-0x0000000000400000-0x00000000008E7000-memory.dmp	upx

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2712	007f58587cca200e547226a5d3d94f8c.exe

Suspicious use of UnmapMainImage 2 IoCs

pid	Process
2712	007f58587cca200e547226a5d3d94f8c.exe
5336	007f58587cca200e547226a5d3d94f8c.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2712 wrote to memory of 5336	2712	007f58587cca200e547226a5d3d94f8c.exe	18
PID 2712 wrote to memory of 5336	2712	007f58587cca200e547226a5d3d94f8c.exe	18
PID 2712 wrote to memory of 5336	2712	007f58587cca200e547226a5d3d94f8c.exe	18

memory/2712-1-0x00000000018F0000-0x0000000001A21000-memory.dmp

Filesize
1.2MB

Download
memory/2712-2-0x0000000000400000-0x0000000000622000-memory.dmp

Filesize
2.1MB

Download
memory/2712-12-0x0000000000400000-0x0000000000622000-memory.dmp

Filesize
2.1MB

Download
memory/2712-0-0x0000000000400000-0x00000000008E7000-memory.dmp

Filesize
4.9MB

Download
memory/5336-15-0x0000000001D10000-0x0000000001E41000-memory.dmp

Filesize
1.2MB

Download
memory/5336-14-0x0000000000400000-0x0000000000622000-memory.dmp

Filesize
2.1MB

Download
memory/5336-21-0x0000000000400000-0x0000000000616000-memory.dmp

Filesize
2.1MB

Download
memory/5336-20-0x0000000005600000-0x0000000005822000-memory.dmp

Filesize
2.1MB

Download
memory/5336-13-0x0000000000400000-0x00000000008E7000-memory.dmp

Filesize
4.9MB

Download
memory/5336-28-0x0000000000400000-0x00000000008E7000-memory.dmp

Filesize
4.9MB

Download