8564128dd42b65f2c19eca4d828939a85f38b677799f3179fdcca6f4979bfb71

Analysis

max time kernel
141s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 16:39

Target

74fd339d2c9e3ce752ed611201dcdb14.exe
Size

183KB
MD5

74fd339d2c9e3ce752ed611201dcdb14
SHA1

c7010a16e0542502be81ab2d9365ce9760984d88
SHA256

8564128dd42b65f2c19eca4d828939a85f38b677799f3179fdcca6f4979bfb71
SHA512

3beb5343d690af651ab7165bafb967a6b4d250ce69b5439a9a119b8c9a7887dc1a132517c80a8bfdc024ddef90a24277b087c203d35117ea1ec87b57b331a8f2
SSDEEP

3072:csN0shapG0bI1O0iJOAd6aky2Pf3PFuAWaIqBLRsiV71rI1GJoG+gvQIAtn:5BatbIRLAHkyovPFFcqwirr4eoG+zIAt

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral1/memory/2444-0-0x0000000000400000-0x000000000047C000-memory.dmp	upx
behavioral1/memory/2444-6-0x0000000000400000-0x000000000047C000-memory.dmp	upx

Drops file in System32 directory 2 IoCs

Processes:

74fd339d2c9e3ce752ed611201dcdb14.exe

description	ioc	process
File created	C:\Windows\SysWOW64\msbcs.exe	74fd339d2c9e3ce752ed611201dcdb14.exe
File created	C:\Windows\SysWOW64\msreg.exe	74fd339d2c9e3ce752ed611201dcdb14.exe

C:\Users\Admin\AppData\Local\Temp\74fd339d2c9e3ce752ed611201dcdb14.exe
"C:\Users\Admin\AppData\Local\Temp\74fd339d2c9e3ce752ed611201dcdb14.exe"
1⤵
- Drops file in System32 directory
PID:2444

memory/2444-0-0x0000000000400000-0x000000000047C000-memory.dmp

Filesize
496KB

Download
memory/2444-1-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2444-6-0x0000000000400000-0x000000000047C000-memory.dmp

Filesize
496KB

Download