22c8bd53bb5b273299f479b5eaa2bf2a6addc4ca7b38478b02064f55e320716b

Analysis

max time kernel
140s
max time network
122s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
04/06/2024, 19:36

Target

22c8bd53bb5b273299f479b5eaa2bf2a6addc4ca7b38478b02064f55e320716b.exe
Size

83KB
MD5

63e057b6d02c937ce2e2f62d4ffad74b
SHA1

ca1f68bb1d11bb9b6ee5d3e80907bade12af1480
SHA256

22c8bd53bb5b273299f479b5eaa2bf2a6addc4ca7b38478b02064f55e320716b
SHA512

f4546375131603a4201bfc8ed99d3be835f7c80a7b83005c810d2daea45f5aa05b654a8377ccce33e229e04071f4794150b6b47fa0d2cd4cbe6676fcf7d90f53
SSDEEP

1536:LJaPJpAz869DUxWB+i4OQ4NR2Kk+aSnfZaG8fcaOCzGquSE0cF+9K:LJ0TAz6Mte4A+aaZx8EnCGVu9

Score

9^/10

upx

UPX dump on OEP (original entry point) 7 IoCs

resource	yara_rule
behavioral1/memory/2124-0-0x0000000000400000-0x000000000042A000-memory.dmp	UPX
behavioral1/memory/2124-1-0x0000000000400000-0x000000000042A000-memory.dmp	UPX
behavioral1/memory/2124-7-0x0000000000400000-0x000000000042A000-memory.dmp	UPX
behavioral1/files/0x0004000000004ed7-11.dat	UPX
behavioral1/memory/2124-14-0x0000000000400000-0x000000000042A000-memory.dmp	UPX
behavioral1/memory/2124-21-0x0000000000400000-0x000000000042A000-memory.dmp	UPX
behavioral1/memory/2124-28-0x0000000000400000-0x000000000042A000-memory.dmp	UPX

UPX packed file 7 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral1/memory/2124-0-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2124-1-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2124-7-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/files/0x0004000000004ed7-11.dat	upx
behavioral1/memory/2124-14-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2124-21-0x0000000000400000-0x000000000042A000-memory.dmp	upx
behavioral1/memory/2124-28-0x0000000000400000-0x000000000042A000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\22c8bd53bb5b273299f479b5eaa2bf2a6addc4ca7b38478b02064f55e320716b.exe
"C:\Users\Admin\AppData\Local\Temp\22c8bd53bb5b273299f479b5eaa2bf2a6addc4ca7b38478b02064f55e320716b.exe"
1⤵
PID:2124

C:\Users\Admin\AppData\Local\Temp\rifaien2-h3h0a36ZSB6KkfKJ.exe

Filesize
83KB

MD5
993ce668ef32769cba852c18eec14226

SHA1
827eab4c7a7d5217e3646c5fce41bda1692f75e9

SHA256
d7b87376b62cd3492acf417f2553dd9f2a48a1f9ed223d09794021838096e2be

SHA512
54c881b7a0c353189bf3e46f1c4da67985caf60b1126ab3ea9d381f645d75d79dd81605b41c2c083b5e815bb1f6be60cb02b12903ea7afa05df5697fbe641017

Download Submit
memory/2124-0-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2124-1-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2124-7-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2124-14-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2124-21-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2124-28-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download