45a32a4a46e916adfb5017ef80f07b7410f04879cd75193fedce951ba1751ced

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
21-07-2024 20:43

Target

maple/Maple.exe
Size

74.8MB
MD5

87dbbc1ff26b8f7e5cbe56b8f7d4d406
SHA1

c731816d542d527c25b0ce6269a573b8eb486e9b
SHA256

f7821841c7f10c253f9e34f91e38cea853244afc0103561647598c707ff26742
SHA512

2196b39219865c2efd75fa678b0e4723951a2a2f48094c410ddcff4b9ef59e35cb946788487130085f77826868abfe3e7c35cbb80389c3e4d59adedce860086c
SSDEEP

1572864:Aps9Fnab4+6DQSc6JUCSi0HTq1/3LmSGnxnkqbHbcT7IMpeQW/0FKAGCYK:wzx6cSgC0HMVGnDbHbc5peu9GCYK

Score

7^/10

upx

Loads dropped DLL 1 IoCs

Processes:

Maple.exe

pid process

2828 Maple.exe

pid	process
2828	Maple.exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
C:\Users\Admin\AppData\Local\Temp\_MEI30562\python310.dll	upx

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

Maple.exe

description	pid	process	target process
PID 3056 wrote to memory of 2828	3056	Maple.exe	Maple.exe
PID 3056 wrote to memory of 2828	3056	Maple.exe	Maple.exe
PID 3056 wrote to memory of 2828	3056	Maple.exe	Maple.exe

C:\Users\Admin\AppData\Local\Temp\maple\Maple.exe
"C:\Users\Admin\AppData\Local\Temp\maple\Maple.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3056
- C:\Users\Admin\AppData\Local\Temp\maple\Maple.exe
  "C:\Users\Admin\AppData\Local\Temp\maple\Maple.exe"
  2⤵
  - Loads dropped DLL
  PID:2828

C:\Users\Admin\AppData\Local\Temp\_MEI30562\python310.dll

Filesize
1.4MB

MD5
4a6afa2200b1918c413d511c5a3c041c

SHA1
39ca3c2b669adac07d4a5eb1b3b79256cfe0c3b3

SHA256
bec187f608507b57cf0475971ba646b8ab42288af8fdcf78bce25f1d8c84b1da

SHA512
dbffb06ffff0542200344ea9863a44a6f1e1b783379e53df18580e697e8204d3911e091deb32a9c94b5599cdd54301b705b74e1f51104151cf13b89d57280a20

Download Submit
memory/2828-14-0x000007FEF5590000-0x000007FEF59F6000-memory.dmp

Filesize
4.4MB

Download