8ad86a189562efc0090dd0d39086c2376173cabc4f406c6be2a1872a835e65c3

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 23:54

Target

20bab72e3fe8d4bbbd22964af6a4f3d1.exe
Size

11KB
MD5

20bab72e3fe8d4bbbd22964af6a4f3d1
SHA1

4bee2540a249b0868b898d7104c7624be123e63c
SHA256

8ad86a189562efc0090dd0d39086c2376173cabc4f406c6be2a1872a835e65c3
SHA512

ef503487af047b4fddc09925e653319b4a13fdaf7d4afb091c0549dd09a3dc5b0b1477492cb166838fc9017f41be47d3c8143bb4c37016aca9bc01e8c1f7c6db
SSDEEP

192:SO6C/cWTzS9IbBKLoS/4lUIr7fSwHAlXH1LTaa2y3+n4UI7KOeeaajUo:rx1W9WYxE/HMHpeapgMPR

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1220-0-0x0000000000400000-0x000000000040B000-memory.dmp	upx
behavioral2/memory/1220-16-0x0000000000400000-0x000000000040B000-memory.dmp	upx

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\updaterinstall.dat	20bab72e3fe8d4bbbd22964af6a4f3d1.exe

C:\Users\Admin\AppData\Local\Temp\20bab72e3fe8d4bbbd22964af6a4f3d1.exe
"C:\Users\Admin\AppData\Local\Temp\20bab72e3fe8d4bbbd22964af6a4f3d1.exe"
1⤵
- Drops file in System32 directory
PID:1220

C:\Windows\SysWOW64\updaterinstall.dat

Filesize
12KB

MD5
cdedfa2739174ecbe1d917cccd39a997

SHA1
5692f9c2e13c4218661eb90ddfaec0ced6c15a79

SHA256
f1021db34e41f7a1749672945dd2b77235bd04184376f8ccfff07e613a53685d

SHA512
9ac63c2f46ae781c33ef188a6c2837e452a2d008028eaedd17199748e3c079df45efe4a6ac1e631769b60582d50bf34b993cdcf3607157ec64ab35afedf1570a

Download Submit
memory/1220-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/1220-16-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download