137a574570eff40837cd190090ba8fe9370b9f6365e16b6a51dd66d6d5ecfd76

Analysis

max time kernel
144s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 03:15

Target

0caac5dcbdc54b2adffe3590ec47b9ef.exe
Size

1.3MB
MD5

0caac5dcbdc54b2adffe3590ec47b9ef
SHA1

6d7cc3170bbf5a5deb03b73d13b17f1e8f5c183e
SHA256

137a574570eff40837cd190090ba8fe9370b9f6365e16b6a51dd66d6d5ecfd76
SHA512

289db489197f659f62038f9cd958f02fb1e9066cf619d1e62d90204f78418e58b5e53116e4375648be38e0f36f601a212a408b72f8a926225259752f9a346e12
SSDEEP

24576:EMha4mEoG+N4i3NJeATkKEOcD91aAsd8Yoa0SpwvU20Dtql:EMUbEoPSidnTeHCAKgU20Du

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2900-0-0x0000000000400000-0x000000000076E000-memory.dmp	upx
behavioral1/memory/2900-3-0x0000000000400000-0x000000000076E000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2900	0caac5dcbdc54b2adffe3590ec47b9ef.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2900	0caac5dcbdc54b2adffe3590ec47b9ef.exe

memory/2900-1-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2900-0-0x0000000000400000-0x000000000076E000-memory.dmp

Filesize
3.4MB

Download
memory/2900-2-0x00000000037C0000-0x00000000037C1000-memory.dmp

Filesize
4KB

Download
memory/2900-3-0x0000000000400000-0x000000000076E000-memory.dmp

Filesize
3.4MB

Download
memory/2900-5-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2900-6-0x00000000037C0000-0x00000000037C1000-memory.dmp

Filesize
4KB

Download