1213cafd768bb43efd33d5115e7666e0cc21fdca5db430c38e75560e8edd210f

Analysis

max time kernel
163s
max time network
183s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
29/12/2023, 20:00

Target

0279b87c140a1028a42b24eea404a1b3.exe
Size

203KB
MD5

0279b87c140a1028a42b24eea404a1b3
SHA1

26797bfa5d6a2938636a0b06081d18d74cb6a1b7
SHA256

1213cafd768bb43efd33d5115e7666e0cc21fdca5db430c38e75560e8edd210f
SHA512

7b8f93b6383e47ef4f5822c300599a9e2852df62ddfa93324f3711348fde32069565a18e40f1ef3dd9042e4c0bfc3a16a4221acc634eee11f68535edd8297f01
SSDEEP

3072:NWKAxxEOWWn/OWTuuDyVQ9V99e5V/2RBWThC7KYaThYTc1LVFbgC:NTAAOW1WgC9erkokKh71LDb9

Score

7^/10

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
behavioral2/files/0x000600000002323c-4.dat	acprotect
behavioral2/files/0x000600000002323c-2.dat	acprotect

Loads dropped DLL 2 IoCs

pid	Process
4384	0279b87c140a1028a42b24eea404a1b3.exe
4384	0279b87c140a1028a42b24eea404a1b3.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4384	0279b87c140a1028a42b24eea404a1b3.exe

C:\Users\Admin\AppData\Local\Temp\iwiDF54.tmp

Filesize
101KB

MD5
c6077df2cd8c46b1b64227db0ca9ee41

SHA1
edbcb775679a869f51d74267877c51d3464dd053

SHA256
700968b7c8048db0df9f953b82c10154d2bf2b403085d24ad97aa3a5d0044db8

SHA512
c6e8d01b9fd3ebbdb62c0e820b4faae7c189c6f0f527c40ec4e2826d089660bf81213486836af83854510630e591a74407d0cfe455120c494c9c4cbf69f6d63c

Download Submit
C:\Users\Admin\AppData\Local\Temp\iwiDF54.tmp

Filesize
57KB

MD5
601c17b669fb5086b08d159d07ce5f9c

SHA1
a8fefec478a1f5a76a3a7ee1ed5a10f58915c292

SHA256
fbd10f06fd344f7f8583b38762c3fd784015ec66ae8cf2dca8ca5a399243c226

SHA512
b066e11eb53215d19a5f5f990a3529a85539164a06ced2b70d9431e7f31ad4324806692ad4309789a26eeaf849eb0d59416ac6a7f37847156e2e51c50730c908

Download Submit
memory/4384-0-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/4384-6-0x00000000005E0000-0x0000000000653000-memory.dmp

Filesize
460KB

Download
memory/4384-8-0x00000000005E0000-0x0000000000653000-memory.dmp

Filesize
460KB

Download
memory/4384-10-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/4384-9-0x00000000005E0000-0x0000000000653000-memory.dmp

Filesize
460KB

Download