Analysis Overview
SHA256
1b762ec5ca3b75b36ee075b6749052152e96743119544e3f6f9d5d4a399e6056
Threat Level: Known bad
The file 1904-55-0x0000000002160000-0x00000000021D8000-memory.dmp was found to be: Known bad.
Malicious Activity Summary
Eternity family
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2022-08-26 06:04
Signatures
Eternity family
Analysis: behavioral1
Detonation Overview
Submitted
2022-08-26 06:04
Reported
2022-08-26 06:07
Platform
win7-20220812-en
Max time kernel
39s
Max time network
45s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1904-55-0x0000000002160000-0x00000000021D8000-memory.dll,#1
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2022-08-26 06:04
Reported
2022-08-26 06:07
Platform
win10v2004-20220812-en
Max time kernel
141s
Max time network
146s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1904-55-0x0000000002160000-0x00000000021D8000-memory.dll,#1
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| US | 93.184.221.240:80 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| DE | 20.52.64.200:443 | | tcp |
| NL | 87.248.202.1:80 | | tcp |
| US | 8.8.8.8:53 | 97.97.242.52.in-addr.arpa | udp |
| NL | 40.126.32.136:443 | | tcp |
| US | 8.8.8.8:53 | 226.101.242.52.in-addr.arpa | udp |