b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
09/07/2024, 11:09

Target

b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe
Size

10.1MB
MD5

48abed7c2ff605d5a9218b0753761c90
SHA1

58577e635790877329a1d012eac88de4821397c3
SHA256

b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7
SHA512

33aa87633ad3ba2d5b295e9ec62e948018d769d09c810770ff703cb72f4b1a10ad4380028489b13e138e1efa4028ca1c3c18480f1bb35359e531f39867668c0e
SSDEEP

196608:OHsFMMPLiV6HlI1PFWUs8bb2s73QFqENscckrtfFqTyOrZY:giMILo6H6FFWUs4CszQFq0sccDNO

Score

7^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4752-1-0x0000000002780000-0x000000000278B000-memory.dmp	upx
behavioral2/memory/4752-2-0x0000000002780000-0x000000000278B000-memory.dmp	upx
behavioral2/memory/4752-7-0x0000000002780000-0x000000000278B000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
4752	b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe
4752	b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe
4752	b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe
4752	b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe
4752	b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe

C:\Users\Admin\AppData\Local\Temp\b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe
"C:\Users\Admin\AppData\Local\Temp\b54f6869ce3ac55b53934e4aac07b41de9aa0e163aaf34c86cd3a68f3aff63a7.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4752

memory/4752-0-0x0000000000400000-0x00000000007C9000-memory.dmp

Filesize
3.8MB

Download
memory/4752-1-0x0000000002780000-0x000000000278B000-memory.dmp

Filesize
44KB

Download
memory/4752-2-0x0000000002780000-0x000000000278B000-memory.dmp

Filesize
44KB

Download
memory/4752-5-0x0000000005120000-0x0000000005121000-memory.dmp

Filesize
4KB

Download
memory/4752-4-0x0000000005100000-0x0000000005101000-memory.dmp

Filesize
4KB

Download
memory/4752-3-0x0000000005110000-0x0000000005111000-memory.dmp

Filesize
4KB

Download
memory/4752-6-0x0000000000400000-0x00000000007C9000-memory.dmp

Filesize
3.8MB

Download
memory/4752-7-0x0000000002780000-0x000000000278B000-memory.dmp

Filesize
44KB

Download