8c37843930ea4f4da26f54372f7ef6629ebf5e6adf02894c412ffc0fcdff6b13

Analysis

max time kernel
141s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
01-01-2024 17:43

Target

Setupck5.75.exe
Size

2.0MB
MD5

9dc1f746b84b8cd3706aaa257a695be9
SHA1

295e592fa920117d16dac1a491c4209eb3e72cf4
SHA256

4377768ee54612c2eab6a9be501b82ec55ee286a7a8dabb3ebfc9242082bf6e4
SHA512

d0fa1bb874959340e705f554176f4c2b2507f65518391eb253f9a60a4d6f90d40e6d58aa8d21604132035cae0089e8531ce13e76e653bb7a2e356df55afdb69f
SSDEEP

49152:Czee4La4KXHEaRS5o9zV2OLrkvYMIUTL18FjsuUx:CSeEa4Q+5otVXUN8FjsZx

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1100-0-0x0000000000400000-0x000000000042F000-memory.dmp	upx
behavioral1/memory/1100-4-0x0000000000400000-0x000000000042F000-memory.dmp	upx

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1100	Setupck5.75.exe

C:\Users\Admin\AppData\Local\Temp\Setupck5.75.exe
"C:\Users\Admin\AppData\Local\Temp\Setupck5.75.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:1100

memory/1100-0-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/1100-3-0x0000000000240000-0x000000000026F000-memory.dmp

Filesize
188KB

Download
memory/1100-2-0x0000000000240000-0x000000000026F000-memory.dmp

Filesize
188KB

Download
memory/1100-1-0x0000000000240000-0x000000000026F000-memory.dmp

Filesize
188KB

Download
memory/1100-4-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/1100-5-0x0000000000240000-0x000000000026F000-memory.dmp

Filesize
188KB

Download