f5a747f5a5fc5610e12c480b039214ba1d58fd3e157a477e3ce543fc7aa093e5

Analysis

max time kernel
151s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
12-03-2024 07:05

Target

c2c0d142d2719f3ead631dbe5136d113.exe
Size

130KB
MD5

c2c0d142d2719f3ead631dbe5136d113
SHA1

833a1899c822e8e4c3c8d58766a583ec30b0a6aa
SHA256

f5a747f5a5fc5610e12c480b039214ba1d58fd3e157a477e3ce543fc7aa093e5
SHA512

6b716b5d753a1f1f63d8da9d5dc19fd18b7ca222d991875f841f996e20db6168885c4bd8f67c5993f306c3dd83db2fca2e0fbbbcb06745b9ed11f30e877693bb
SSDEEP

3072:MDJm/U2xL/LIRJ13HCiAk8XB5VdWN+/OAeVPi3uqx6nFYV:tU2xfI3iY0jVk+OAeV63Ynm

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2156-0-0x0000000000400000-0x0000000000433000-memory.dmp	upx

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2156	c2c0d142d2719f3ead631dbe5136d113.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2156 wrote to memory of 2988	2156	c2c0d142d2719f3ead631dbe5136d113.exe	28
PID 2156 wrote to memory of 2988	2156	c2c0d142d2719f3ead631dbe5136d113.exe	28
PID 2156 wrote to memory of 2988	2156	c2c0d142d2719f3ead631dbe5136d113.exe	28
PID 2156 wrote to memory of 2988	2156	c2c0d142d2719f3ead631dbe5136d113.exe	28
PID 2156 wrote to memory of 2988	2156	c2c0d142d2719f3ead631dbe5136d113.exe	28
PID 2156 wrote to memory of 2988	2156	c2c0d142d2719f3ead631dbe5136d113.exe	28
PID 2156 wrote to memory of 2988	2156	c2c0d142d2719f3ead631dbe5136d113.exe	28

memory/2156-0-0x0000000000400000-0x0000000000433000-memory.dmp

Filesize
204KB

Download
memory/2156-2-0x00000000001C0000-0x00000000001C2000-memory.dmp

Filesize
8KB

Download
memory/2156-3-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2156-7-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2988-4-0x00000000000C0000-0x00000000000C9000-memory.dmp

Filesize
36KB

Download
memory/2988-5-0x00000000000C0000-0x00000000000C9000-memory.dmp

Filesize
36KB

Download
memory/2988-8-0x00000000000C0000-0x00000000000C9000-memory.dmp

Filesize
36KB

Download
memory/2988-11-0x00000000000C0000-0x00000000000C9000-memory.dmp

Filesize
36KB

Download