8cba1b1088e1eec539d121d070238c97432e965dfa84684a2e27659589ec6592

Analysis

max time kernel
138s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
02/05/2024, 00:21

Target

8cba1b1088e1eec539d121d070238c97432e965dfa84684a2e27659589ec6592.exe
Size

760KB
MD5

7e4d7c99a796459eafd105939497c467
SHA1

a6f2ae384a752186e6627bb53976070af7a5003c
SHA256

8cba1b1088e1eec539d121d070238c97432e965dfa84684a2e27659589ec6592
SHA512

201dec3ea1710170b503888c7ab97429574194a9a338fbd6cbb20cca9abf38259ad6a3cd17022e5df7fc889f275a98e9b5936ab3b978cc2d85362633aa4712d5
SSDEEP

6144:9kgiPA6RSPwVjj+VPj92d62ASOwjaA2pcukimiicwVjj+VPj92d62ASOwj:XiPDpIPj92aSOcauukL9pIPj92aSOc

Score

9^/10

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
behavioral2/memory/1656-1-0x0000000000400000-0x00000000004BE000-memory.dmp	UPX

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3028	1656	WerFault.exe	83

C:\Users\Admin\AppData\Local\Temp\8cba1b1088e1eec539d121d070238c97432e965dfa84684a2e27659589ec6592.exe
"C:\Users\Admin\AppData\Local\Temp\8cba1b1088e1eec539d121d070238c97432e965dfa84684a2e27659589ec6592.exe"
1⤵
PID:1656
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1656 -s 216
  2⤵
  - Program crash
  PID:3028

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 1656 -ip 1656
1⤵
PID:1088

memory/1656-0-0x0000000000400000-0x00000000004BE000-memory.dmp

Filesize
760KB

Download
memory/1656-1-0x0000000000400000-0x00000000004BE000-memory.dmp

Filesize
760KB

Download