40f8c340f112baa4f4902dd662f9d8af5416e94c16339c37a60ad3d468da7cba

Analysis

max time kernel
91s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
10/05/2024, 12:41

Target

17.exe
Size

380KB
MD5

ace663ed10d3f87e729f934d724304ac
SHA1

e3f2ae024a0667bdafd7d6360a8e4564bda0c5e6
SHA256

40f8c340f112baa4f4902dd662f9d8af5416e94c16339c37a60ad3d468da7cba
SHA512

2c12281313364658d674dd68905cd0ac23cc079f5488768004c62d9895d4686c87fbfe30ce3b1f3e229476277386b2e98bf961c6b60b8d1e4524a022909b79fa
SSDEEP

6144:0VOfZTZiOydo+h9g1V5M4orn+GrtY36V7w5KjM9AC9LzfMwHeOQoFRROX7Oes2FY:iozGdX0M4ornOmZIzfMwHHQmRROXK6Pq

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4060-0-0x0000000000250000-0x000000000033A000-memory.dmp	upx
behavioral2/memory/4060-11-0x0000000000250000-0x000000000033A000-memory.dmp	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
behavioral2/memory/4060-11-0x0000000000250000-0x000000000033A000-memory.dmp	autoit_exe

C:\Users\Admin\AppData\Local\Temp\17.exe
"C:\Users\Admin\AppData\Local\Temp\17.exe"
1⤵
PID:4060

C:\Users\Admin\AppData\Local\Temp\aut5563.tmp

Filesize
70B

MD5
b9d04c7862ec1ab6be214824f4fd564a

SHA1
b5be752e9dcfb810f96e043bc9cb985f5d8332ef

SHA256
6be2c3ee4a15da430262427eb53a8803dd83d0bfd1f38a07d47d6162dbe765a0

SHA512
49fe2cfce9fd70f24625e895b5c6c5c967b8150454e2100ee36f6660cb96ed8e6ba15d83b27a811ad9e82eef46f57ee5baf2858e876d8153d163917c3484493e

Download Submit
memory/4060-0-0x0000000000250000-0x000000000033A000-memory.dmp

Filesize
936KB

Download
memory/4060-11-0x0000000000250000-0x000000000033A000-memory.dmp

Filesize
936KB

Download