cffe9c9b50bdbc7b69ee50b7430c64d5e18820d2834f797fe9d3655348905ecc

Analysis

max time kernel
118s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13/03/2024, 16:38

Target

2024-03-13_7244f6f458a6f3f351668988380b42e1_mafia.exe
Size

472KB
MD5

7244f6f458a6f3f351668988380b42e1
SHA1

ad644f79901ff093a56b4c74500ac3cd671c8cb6
SHA256

cffe9c9b50bdbc7b69ee50b7430c64d5e18820d2834f797fe9d3655348905ecc
SHA512

304db74c7d6567d8ad95806c16d94ce34628ca592bf28d2ad903e768efa3b76f1a970ecc45e32a1afd59e80ccbef4b7e45c494353b644191761384a4fe75d0f5
SSDEEP

6144:nCyiXVZhMMOP/AXh/PP6IEWEonebA8mUG05UJKH2khp9j5kz+i9moRQUJg4EahrT:ndiXZMbKCxWIW+kmoRQU24EyiPlIn

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2212	2220	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2220 wrote to memory of 2212	2220	2024-03-13_7244f6f458a6f3f351668988380b42e1_mafia.exe	28
PID 2220 wrote to memory of 2212	2220	2024-03-13_7244f6f458a6f3f351668988380b42e1_mafia.exe	28
PID 2220 wrote to memory of 2212	2220	2024-03-13_7244f6f458a6f3f351668988380b42e1_mafia.exe	28
PID 2220 wrote to memory of 2212	2220	2024-03-13_7244f6f458a6f3f351668988380b42e1_mafia.exe	28

C:\Users\Admin\AppData\Local\Temp\2024-03-13_7244f6f458a6f3f351668988380b42e1_mafia.exe
"C:\Users\Admin\AppData\Local\Temp\2024-03-13_7244f6f458a6f3f351668988380b42e1_mafia.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2220
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2220 -s 36
  2⤵
  - Program crash
  PID:2212