70666015656b481f8b32b6167bc9b0b1b947bc7619f8a5b3e699f8c9cd15c072

Analysis

max time kernel
140s
max time network
125s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
11-06-2024 18:31

Target

Engines/piskvork/pbrain-pela.exe
Size

10KB
MD5

adb5ab2912418541ce02f6755f0f62c9
SHA1

79ef8f0407b39ea4b0b096214f457bf0ab5d614e
SHA256

42f1d9ba97c65d6d1ef2161de6f1b87865fa73247105f3f63e2f3b1f08edcdc8
SHA512

8a46cfe54433c3dfc4aec59cb79c3cfcbb32da1db7b2e643aa0098547c53c65a20b1a65b339f6618acc23b14b3a25918ec5453ca37f58f9c54af6a48e155ca1d
SSDEEP

192:6o8IAzztbnhn/QOjvtk6wB62tyiMxz6wpuK4ltb/DTrFxvv44o4KAyL:LYzzBnhnYOe6Jlx2wpvQNTn4Vn

Score

7^/10

upx

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral13/memory/2012-0-0x0000000000400000-0x000000000050D000-memory.dmp	upx
behavioral13/memory/2012-1-0x0000000000400000-0x000000000050D000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\Engines\piskvork\pbrain-pela.exe
"C:\Users\Admin\AppData\Local\Temp\Engines\piskvork\pbrain-pela.exe"
1⤵
PID:2012

memory/2012-0-0x0000000000400000-0x000000000050D000-memory.dmp

Filesize
1.1MB

Download
memory/2012-1-0x0000000000400000-0x000000000050D000-memory.dmp

Filesize
1.1MB

Download