a3e0b478f4990a9b8164327fa8cc2557a03391c631c9e87457ab72027108af11

Analysis

max time kernel
140s
max time network
125s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
23/07/2024, 06:33

Target

2007241082693/StartEXE/Start.exe
Size

8KB
MD5

cdb46439710b2f73f31d18dec789d444
SHA1

9f6bfec3d832f155409a09423297f11c5e2e98bb
SHA256

ae8050ad7fa6de6e79a1f1b18bde9e51d8d645815c5754772b63ec8d0cc10809
SHA512

3c19722f9477596cf9149bbbc03fe1953de83ec2109100f89d260c4565dc082b3903453c2dd2ad73127d41043c4353ce899c8e5501c7c4bee1e5d9b22efc0522
SSDEEP

192:ntEubGd/SJRj4zou4ZD4s+WzF95sEvWmwNkvnhP72usOpbQBn5:Gd/S3ysD5VEkvnJ6uPbQB5

Score

7^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral5/memory/2192-0-0x0000000000400000-0x000000000040E000-memory.dmp	upx
behavioral5/memory/2192-1-0x0000000000020000-0x000000000002D000-memory.dmp	upx
behavioral5/memory/2192-2-0x0000000000400000-0x000000000040E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2192	Start.exe

C:\Users\Admin\AppData\Local\Temp\2007241082693\StartEXE\Start.exe
"C:\Users\Admin\AppData\Local\Temp\2007241082693\StartEXE\Start.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2192

memory/2192-0-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download
memory/2192-1-0x0000000000020000-0x000000000002D000-memory.dmp

Filesize
52KB

Download
memory/2192-2-0x0000000000400000-0x000000000040E000-memory.dmp

Filesize
56KB

Download