cfea8479520df1d71dc1e6576b19d495e13efeb9e8a0cd61ccea9bbadab16c18

Analysis

max time kernel
121s
max time network
127s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
03/06/2024, 04:02

Target

cfea8479520df1d71dc1e6576b19d495e13efeb9e8a0cd61ccea9bbadab16c18.exe
Size

159KB
MD5

4b56f047365fcb251e31358a2d248d4a
SHA1

40e7f75d5e5858263206980008ec8bc8474e5038
SHA256

cfea8479520df1d71dc1e6576b19d495e13efeb9e8a0cd61ccea9bbadab16c18
SHA512

8f7ae06957fee491e3c1d37522a320da68146bbe3db96a927e7e66c7979715f0e5db330dda171ea91bc8fce957336a5515b9439a0011f083e4d74966d55ba59f
SSDEEP

3072:KQSo1EZGtKgZGtK/PgtU1wAIuZAIucSarSaR:KQSo1EZGtKgZGtK/CAIuZAIucSarSaR

Score

9^/10

upx

UPX dump on OEP (original entry point) 2 IoCs

resource	yara_rule
behavioral1/memory/1908-0-0x0000000000400000-0x000000000040A000-memory.dmp	UPX
behavioral1/memory/1908-1-0x0000000000400000-0x000000000040A000-memory.dmp	UPX

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/1908-0-0x0000000000400000-0x000000000040A000-memory.dmp	upx
behavioral1/memory/1908-1-0x0000000000400000-0x000000000040A000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\cfea8479520df1d71dc1e6576b19d495e13efeb9e8a0cd61ccea9bbadab16c18.exe
"C:\Users\Admin\AppData\Local\Temp\cfea8479520df1d71dc1e6576b19d495e13efeb9e8a0cd61ccea9bbadab16c18.exe"
1⤵
PID:1908

memory/1908-0-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/1908-1-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download