ae2db060b3c6276691230399307ece62d8b59d89f0d5c5d7ef2e03d60fdaeb00

Analysis

max time kernel
135s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
13/01/2024, 20:55

Target

596474f912744f495ea4f95d4dc0c69e.exe
Size

226KB
MD5

596474f912744f495ea4f95d4dc0c69e
SHA1

9ff10912ad2486d054286b6378d1c019be44678f
SHA256

ae2db060b3c6276691230399307ece62d8b59d89f0d5c5d7ef2e03d60fdaeb00
SHA512

b52dbe2777eb242a9755a1157c75f66782d5055376a60227083410970efef624f533677cec806a6d9b1848815fd67fbbf5615c7e213eff208e1ebcbf8772c351
SSDEEP

3072:sA8AuJpiZ0hE0LFgEbGfVRTcnQ6pZVsO5XNnlQ1QHTjZfclIlYc3kH/TPPTOxny8:A9pM0BgVRB0ZVsALXEl32+LPPTOxn3j

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/1960-0-0x0000000000400000-0x00000000004B3000-memory.dmp	upx
behavioral2/memory/1960-2-0x0000000000400000-0x00000000004B3000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1596	1960	WerFault.exe	74

C:\Users\Admin\AppData\Local\Temp\596474f912744f495ea4f95d4dc0c69e.exe
"C:\Users\Admin\AppData\Local\Temp\596474f912744f495ea4f95d4dc0c69e.exe"
1⤵
PID:1960
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1960 -s 268
  2⤵
  - Program crash
  PID:1596

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 1960 -ip 1960
1⤵
PID:2724

memory/1960-0-0x0000000000400000-0x00000000004B3000-memory.dmp

Filesize
716KB

Download
memory/1960-1-0x0000000002200000-0x0000000002208000-memory.dmp

Filesize
32KB

Download
memory/1960-2-0x0000000000400000-0x00000000004B3000-memory.dmp

Filesize
716KB

Download