Analysis Overview
SHA256
bc98c8b22461a2c2631b2feec399208fdc4ecd1cd2229066c2f385caa958daa3
Threat Level: Known bad
The file bc98c8b22461a2c2631b2feec399208fdc4ecd1cd2229066c2f385caa958daa3 was found to be: Known bad.
Malicious Activity Summary
Locky
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-07-13 14:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2022-07-13 14:52
Reported
2022-07-13 14:55
Platform
win10v2004-20220414-en
Max time kernel
149s
Max time network
154s
Command Line
Signatures
Locky
Processes
C:\Users\Admin\AppData\Local\Temp\bc98c8b22461a2c2631b2feec399208fdc4ecd1cd2229066c2f385caa958daa3.exe
"C:\Users\Admin\AppData\Local\Temp\bc98c8b22461a2c2631b2feec399208fdc4ecd1cd2229066c2f385caa958daa3.exe"
Network
Files
memory/4840-130-0x0000000000F00000-0x0000000000F04000-memory.dmp
memory/4840-131-0x0000000000F00000-0x0000000000F04000-memory.dmp
memory/4840-132-0x0000000000400000-0x00000000007D1000-memory.dmp