Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    16-12-2021 03:42

General

  • Target

    ojfepp.dll

  • Size

    151KB

  • MD5

    bafaf704bb907ca0100d21df7306089c

  • SHA1

    d2e841496ab9cf659f7bd2bb62147118c6cb7684

  • SHA256

    4fbf01e80561ac1528b50e3a49b7b7bf8139decf62c3653672a545cfec7deee5

  • SHA512

    8082be1b97e50568d270ba2276ac464c26ab44c5b29a7981f3546bda866e43e1de76447894274c9261b780d631ef9238d2c49b4a437e7620f5d04abcaf49eedb

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ojfepp.dll,#1
    1⤵
      PID:3672

    Network

    • flag-us
      DNS
      time.windows.com
      Remote address:
      8.8.8.8:53
      Request
      time.windows.com
      IN A
      Response
      time.windows.com
      IN CNAME
      twc.trafficmanager.net
      twc.trafficmanager.net
      IN A
      40.119.148.38
    • 213.91.128.133:10060
      46 B
      407 B
      1
      1
    • 52.109.12.20:443
      322 B
      7
    • 8.8.8.8:53
      time.windows.com
      dns
      62 B
      114 B
      1
      1

      DNS Request

      time.windows.com

      DNS Response

      40.119.148.38

    • 40.119.148.38:123
      time.windows.com
      ntp
      76 B
      1

    MITRE ATT&CK Matrix

    Downloads

    • memory/3672-115-0x000001EE00440000-0x000001EE00477000-memory.dmp

      Filesize

      220KB
