7f4cfd9eccd06b15b00124fe895f06dfd74dca94899284318ded1ff7fbbae31e

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
02-08-2023 16:40

Target

39b6fdb8170eb0b1596088aa99d446d8_mafia_JC.exe
Size

955KB
MD5

39b6fdb8170eb0b1596088aa99d446d8
SHA1

cd0df3bdd5a5bbc63b079a76964266da2509899a
SHA256

7f4cfd9eccd06b15b00124fe895f06dfd74dca94899284318ded1ff7fbbae31e
SHA512

8cbc4c2bf3f12cb8c347f75451ba4f413a0da3b315895a76cc439173907f668b22890960dac89bc5f0b4ba4a3eb07406167111f9fc1e8e8387a90f17fcc5f3e7
SSDEEP

24576:lQxdTphEbZ/gLviWhOzxR5Ha4RYFo3/7C1cf:gd1qBgRO1HHa4Rs8/mc

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2716	2156	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2156 wrote to memory of 2716	2156	39b6fdb8170eb0b1596088aa99d446d8_mafia_JC.exe	28
PID 2156 wrote to memory of 2716	2156	39b6fdb8170eb0b1596088aa99d446d8_mafia_JC.exe	28
PID 2156 wrote to memory of 2716	2156	39b6fdb8170eb0b1596088aa99d446d8_mafia_JC.exe	28
PID 2156 wrote to memory of 2716	2156	39b6fdb8170eb0b1596088aa99d446d8_mafia_JC.exe	28

C:\Users\Admin\AppData\Local\Temp\39b6fdb8170eb0b1596088aa99d446d8_mafia_JC.exe
"C:\Users\Admin\AppData\Local\Temp\39b6fdb8170eb0b1596088aa99d446d8_mafia_JC.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2156
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2156 -s 36
  2⤵
  - Program crash
  PID:2716

memory/2156-56-0x0000000000AC0000-0x0000000000BBC660-memory.dmp

Filesize
1009KB

Download
memory/2156-55-0x0000000000AC0000-0x0000000000BBC660-memory.dmp

Filesize
1009KB

Download
memory/2156-57-0x0000000000AC0000-0x0000000000BBC660-memory.dmp

Filesize
1009KB

Download
memory/2156-58-0x0000000000AC0000-0x0000000000BBC660-memory.dmp

Filesize
1009KB

Download