74c280cb10079da90deb7093e70264c6db5c2739c0af23a5b51b19dcda664f41

Analysis

max time kernel
92s
max time network
120s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
22-01-2024 15:01

Target

6fba7d44e5dbe91ec528f261050e2e49.exe
Size

132KB
MD5

6fba7d44e5dbe91ec528f261050e2e49
SHA1

94081016c87881f6af30537840f0ee8aa7733c6e
SHA256

74c280cb10079da90deb7093e70264c6db5c2739c0af23a5b51b19dcda664f41
SHA512

e50e30971409c60d903d4d7ecf228ed01eb80060a0ac88efdc98d0f83da9dba611c18e726eea622c6c88460e7b0027838e07bce6dd96d387ca16d974614c0d82
SSDEEP

3072:sbPqV+hVs56tDAtymOs4ueM0sxOAQzNaz3WTJhk6CtsUkaDCw9:2K+bs5HtymD4+0sxO1uYJ+judQ

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/744-0-0x0000000000400000-0x0000000000434000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
744	6fba7d44e5dbe91ec528f261050e2e49.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 744 wrote to memory of 4072	744	6fba7d44e5dbe91ec528f261050e2e49.exe	86
PID 744 wrote to memory of 4072	744	6fba7d44e5dbe91ec528f261050e2e49.exe	86
PID 744 wrote to memory of 4072	744	6fba7d44e5dbe91ec528f261050e2e49.exe	86
PID 744 wrote to memory of 4072	744	6fba7d44e5dbe91ec528f261050e2e49.exe	86
PID 744 wrote to memory of 4072	744	6fba7d44e5dbe91ec528f261050e2e49.exe	86

memory/744-0-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/744-5-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/744-4-0x0000000000420000-0x000000000042E000-memory.dmp

Filesize
56KB

Download
memory/744-3-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/744-2-0x00000000006E0000-0x00000000006E2000-memory.dmp

Filesize
8KB

Download