d440af99b900aed385f3760a699396ae77939700d10957e67b38bc4e758b9467

Analysis

max time kernel
132s
max time network
102s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
24/05/2024, 21:41

Target

2024-05-24_aaa3301e0f2c3ba6ce3ad334a9b825af_mafia_qakbot.exe
Size

979KB
MD5

aaa3301e0f2c3ba6ce3ad334a9b825af
SHA1

3c2673f5e272ead369c687f2fdece2b6c902fad6
SHA256

d440af99b900aed385f3760a699396ae77939700d10957e67b38bc4e758b9467
SHA512

bd26e86990d2c4ce96e5fce11784b258ae0a1e3994ab7adbac942428b1de16371a800fe1cb231b4eab4274822423a135a452cd5c10aecf36bda0472b1bbef499
SSDEEP

24576:ufH3yDkamUtXJMyqXmaGjY4nyV197CJkQ:QH3uyXHkY4n6Y

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
5320	5072	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\2024-05-24_aaa3301e0f2c3ba6ce3ad334a9b825af_mafia_qakbot.exe
"C:\Users\Admin\AppData\Local\Temp\2024-05-24_aaa3301e0f2c3ba6ce3ad334a9b825af_mafia_qakbot.exe"
1⤵
PID:5072
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 5072 -s 220
  2⤵
  - Program crash
  PID:5320

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 5072 -ip 5072
1⤵
PID:5324

memory/5072-0-0x0000000000200000-0x0000000000304000-memory.dmp

Filesize
1.0MB

Download
memory/5072-2-0x0000000000200000-0x0000000000304000-memory.dmp

Filesize
1.0MB

Download
memory/5072-3-0x0000000000201000-0x0000000000295000-memory.dmp

Filesize
592KB

Download
memory/5072-1-0x0000000000200000-0x0000000000304000-memory.dmp

Filesize
1.0MB

Download