bf46092d3d8b431214046dcb261fe9f33eb174823e0f226ea5ffa5999fd04209

Analysis

max time kernel
140s
max time network
120s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
08/03/2024, 09:18

Target

bae201103d3d1b3b703a3a3dfce98f90.exe
Size

16KB
MD5

bae201103d3d1b3b703a3a3dfce98f90
SHA1

a7868152e3857a367309978c71f72276dd48d261
SHA256

bf46092d3d8b431214046dcb261fe9f33eb174823e0f226ea5ffa5999fd04209
SHA512

a3343737ed2604bdfa3776859eb50edad680be90269b3f291945ca21d856c212f7a1e2a90f0639b3fda58a8e538424ba82276764930340587f3ccdfbc4d9c44d
SSDEEP

192:/rsYhtO5zpP5eCGJ/RFbf5iNHQZZNzmHJuA9DqMfpnGhP9keZKDPFDcU:/Rtk55wJ38VizEuA9DfpnGR9zZKDdr

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2388-0-0x0000000000400000-0x000000000040E000-memory.dmp	upx
behavioral1/memory/2388-1-0x0000000000400000-0x000000000040E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2388	bae201103d3d1b3b703a3a3dfce98f90.exe
2388	bae201103d3d1b3b703a3a3dfce98f90.exe

C:\Users\Admin\AppData\Local\Temp\bae201103d3d1b3b703a3a3dfce98f90.exe
"C:\Users\Admin\AppData\Local\Temp\bae201103d3d1b3b703a3a3dfce98f90.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2388

memory/2388-0-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/2388-1-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download