fed60d381e993a084cbde0147f445309d00a69b6be01aeebace31acdb424a91f

Analysis

max time kernel
138s
max time network
171s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2023 03:02

Target

259206e6fbda6b46e6499e518adcaf96.exe
Size

613KB
MD5

259206e6fbda6b46e6499e518adcaf96
SHA1

3c2a4bb622685d3e250d4566d25aa244e18f0086
SHA256

fed60d381e993a084cbde0147f445309d00a69b6be01aeebace31acdb424a91f
SHA512

9f2d873a853ed0494cb7326286c0dd2e338b5422ecbd221f9bda831a205953ece096e297c248a89f477f7e89755b204ab7181fb2c991df489e3270b62aa42c6f
SSDEEP

12288:H12OsBgo0q4wM/VkGjkfoX89JrFM02XweWFdPcYiQAqwQikKCTwE47:4OsBgo0q4wM2ykfosfriwPFdPKQAqwMn

Score

9^/10

CustAttr .NET packer 1 IoCs

Detects CustAttr .NET packer in memory.

resource	yara_rule
behavioral2/memory/1964-9-0x0000000004C60000-0x0000000004C72000-memory.dmp	CustAttr

C:\Users\Admin\AppData\Local\Temp\259206e6fbda6b46e6499e518adcaf96.exe
"C:\Users\Admin\AppData\Local\Temp\259206e6fbda6b46e6499e518adcaf96.exe"
1⤵
PID:1964

memory/1964-0-0x00000000747A0000-0x0000000074F50000-memory.dmp

Filesize
7.7MB

Download
memory/1964-1-0x0000000000800000-0x00000000008A0000-memory.dmp

Filesize
640KB

Download
memory/1964-2-0x0000000005920000-0x0000000005EC4000-memory.dmp

Filesize
5.6MB

Download
memory/1964-3-0x0000000005290000-0x0000000005322000-memory.dmp

Filesize
584KB

Download
memory/1964-4-0x00000000747A0000-0x0000000074F50000-memory.dmp

Filesize
7.7MB

Download
memory/1964-5-0x0000000005610000-0x00000000056AC000-memory.dmp

Filesize
624KB

Download
memory/1964-6-0x0000000005870000-0x0000000005880000-memory.dmp

Filesize
64KB

Download
memory/1964-7-0x0000000005350000-0x000000000535A000-memory.dmp

Filesize
40KB

Download
memory/1964-8-0x0000000005870000-0x0000000005880000-memory.dmp

Filesize
64KB

Download
memory/1964-9-0x0000000004C60000-0x0000000004C72000-memory.dmp

Filesize
72KB

Download