85cb4787d172c5614a9fd1611ec20296f22cd49179985471874c67da6792dc9a

Analysis

max time kernel
141s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
22-04-2024 13:12

Target

2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe
Size

326KB
MD5

cd822240dc0171e3eeaaec4c521b52fc
SHA1

8ab312c9bbb85a780953828e48e9c2cd70c05008
SHA256

85cb4787d172c5614a9fd1611ec20296f22cd49179985471874c67da6792dc9a
SHA512

214b2025a5d301aa92d996a67f7059f75e110fe01fe06852cb81d9aeb377564319a0e9d49a73adb678b6e5a790e47f7a00629b222c71c14cebfa2992c0299132
SSDEEP

3072:S+V2GtCb0nDlGTM87yRBNWwxnImfoP/KOBejjY6IaCDtm0zT5363kQ8JuO:SB/moTXkLHgPitjYVmq+K

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

2648 1904 WerFault.exe 2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe

pid	pid_target	process	target process
2648	1904	WerFault.exe	2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe

description	pid	process	target process
PID 1904 wrote to memory of 2648	1904	2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe	WerFault.exe
PID 1904 wrote to memory of 2648	1904	2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe	WerFault.exe
PID 1904 wrote to memory of 2648	1904	2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe	WerFault.exe
PID 1904 wrote to memory of 2648	1904	2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe	WerFault.exe

C:\Users\Admin\AppData\Local\Temp\2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe
"C:\Users\Admin\AppData\Local\Temp\2024-04-22_cd822240dc0171e3eeaaec4c521b52fc_karagany_mafia.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1904

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1904 -s 248
2⤵
- Program crash
PID:2648

memory/1904-1-0x0000000000400000-0x00000000012D6000-memory.dmp

Filesize
14.8MB

Download
memory/1904-2-0x0000000001360000-0x0000000001460000-memory.dmp

Filesize
1024KB

Download
memory/1904-3-0x0000000000400000-0x00000000012D6000-memory.dmp

Filesize
14.8MB

Download
memory/1904-4-0x0000000000400000-0x00000000012D6000-memory.dmp

Filesize
14.8MB

Download
memory/1904-6-0x0000000001360000-0x0000000001460000-memory.dmp

Filesize
1024KB

Download