7dfb8b5feb42853a7da25d04f0bbb5cdb325423a397969beb14b89370094d5b0

Analysis

max time kernel
147s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
07-07-2024 16:14

Target

efc39bd3b09f55646a4d7e3be60313a9.dll
Size

5.7MB
MD5

efc39bd3b09f55646a4d7e3be60313a9
SHA1

dab20eab5209f92245744340c5618af283591b33
SHA256

7dfb8b5feb42853a7da25d04f0bbb5cdb325423a397969beb14b89370094d5b0
SHA512

a0edd3c5ad67408389da56353041fe52988c706e6f3d476bb55317a87f2d9f0b667baad2413f565389dabf7009799fcb0a8a7076e2d6adf3a2c79d3765b25312
SSDEEP

98304:UWCg3KRHO1V6FdyhuW9Q5brVD9/NiRPkVlHwhsPirGfdHo5QOEtAW:JCikuqdyb9IrV2mlHmGFGEt

Score

8^/10

upx

Blocklisted process makes network request 10 IoCs

UPX packed file 10 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/620-0-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-1-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-3-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-6-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-8-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-9-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-11-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-12-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-14-0x0000000059810000-0x000000005A840000-memory.dmp	upx
behavioral2/memory/620-15-0x0000000059810000-0x000000005A840000-memory.dmp	upx

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
620	rundll32.exe
620	rundll32.exe

memory/620-0-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-1-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-3-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-6-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-8-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-9-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-11-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-12-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-14-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download
memory/620-15-0x0000000059810000-0x000000005A840000-memory.dmp

Filesize
16.2MB

Download