53d21bf1c922fcb2cde98de0f68379970295009355b791d34cb78cb8384aac79

Analysis

max time kernel
140s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/01/2024, 22:39

Target

75af8aef0381fa32f2567a869beb47ee.exe
Size

41KB
MD5

75af8aef0381fa32f2567a869beb47ee
SHA1

e316cfd468e921cecacc85fd3da094150b9bf1be
SHA256

53d21bf1c922fcb2cde98de0f68379970295009355b791d34cb78cb8384aac79
SHA512

8c943feb281e87e1cf77f3279d4c805d1fd1a393a6d0723d63028516be71d781f489f1fb2036ed63171e45114a615c8c976368a927c5930e028c5a11d6d81bd6
SSDEEP

768:ob71uwaXEh/UgzV4TeYhWkQlp71L1dx8/PcSVX7RucPgMJPWHJYjlsiAdnBUR:ob71uBngh46Yhgl/xdxUUclJPz1WnBI

Score

7^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/2288-2-0x0000000000400000-0x0000000000410000-memory.dmp	upx
behavioral2/memory/2288-1-0x0000000000400000-0x0000000000410000-memory.dmp	upx
behavioral2/memory/2288-5-0x0000000000400000-0x000000000040C000-memory.dmp	upx

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3252	2288	WerFault.exe	84

C:\Users\Admin\AppData\Local\Temp\75af8aef0381fa32f2567a869beb47ee.exe
"C:\Users\Admin\AppData\Local\Temp\75af8aef0381fa32f2567a869beb47ee.exe"
1⤵
PID:2288
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2288 -s 488
  2⤵
  - Program crash
  PID:3252

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 2288 -ip 2288
1⤵
PID:4912

memory/2288-0-0x00000000005F0000-0x0000000000618000-memory.dmp

Filesize
160KB

Download
memory/2288-2-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download
memory/2288-3-0x0000000000410000-0x0000000000420000-memory.dmp

Filesize
64KB

Download
memory/2288-1-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download
memory/2288-5-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download
memory/2288-6-0x0000000000410000-0x0000000000420000-memory.dmp

Filesize
64KB

Download