e87caa3e0beface996729fdd2dc5ecc3bcd74f6f1095c4e684846fe1b53c5afa

Analysis

max time kernel
149s
max time network
136s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
04/01/2024, 02:12

Target

3fa2c2c8aff47c144d8aeb07938d3105.exe
Size

142KB
MD5

3fa2c2c8aff47c144d8aeb07938d3105
SHA1

e15b482a94dc9f46c989b6401d90aa0745e80402
SHA256

e87caa3e0beface996729fdd2dc5ecc3bcd74f6f1095c4e684846fe1b53c5afa
SHA512

a0f1c3a11c4b875fec380492f0968f14d7f427a347259ec99cc46da8badb9d7128269432185ef8655bdebd5e1259002c20a1ea9d19d28d5ad4e4eecba3a423a4
SSDEEP

3072:LFsKdfOg3h7rMPrEE9W7exgVtn4W2PoULjuHfe1v0Q3LwiMQU:6KdfO+XMDpW7f4YWuHfep0eEdR

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2396-0-0x0000000000400000-0x000000000043F000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2396	3fa2c2c8aff47c144d8aeb07938d3105.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2396 wrote to memory of 2312	2396	3fa2c2c8aff47c144d8aeb07938d3105.exe	28
PID 2396 wrote to memory of 2312	2396	3fa2c2c8aff47c144d8aeb07938d3105.exe	28
PID 2396 wrote to memory of 2312	2396	3fa2c2c8aff47c144d8aeb07938d3105.exe	28
PID 2396 wrote to memory of 2312	2396	3fa2c2c8aff47c144d8aeb07938d3105.exe	28
PID 2396 wrote to memory of 2312	2396	3fa2c2c8aff47c144d8aeb07938d3105.exe	28
PID 2396 wrote to memory of 2312	2396	3fa2c2c8aff47c144d8aeb07938d3105.exe	28
PID 2396 wrote to memory of 2312	2396	3fa2c2c8aff47c144d8aeb07938d3105.exe	28

memory/2312-4-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/2312-3-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/2312-7-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/2312-6-0x0000000000370000-0x0000000000378000-memory.dmp

Filesize
32KB

Download
memory/2312-10-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/2396-0-0x0000000000400000-0x000000000043F000-memory.dmp

Filesize
252KB

Download
memory/2396-1-0x00000000001B0000-0x00000000001B2000-memory.dmp

Filesize
8KB

Download
memory/2396-2-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2396-5-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download