Analysis
-
max time kernel
158s -
max time network
172s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
03/10/2022, 11:50 UTC
General
-
Target
28cfd47fd5fb68570d68018fe85c30350c7adbc2fbd58451feead1f64de5d17d.exe
-
Size
1.3MB
-
MD5
64b78b4d0b4ef4d8ad1b0f7f68868ebd
-
SHA1
509dd03a1c18a5b118ba3969fcdf4b1b5945e165
-
SHA256
28cfd47fd5fb68570d68018fe85c30350c7adbc2fbd58451feead1f64de5d17d
-
SHA512
b21f670369aa54bae0f241374cf2282446f052fcb4050365ea6d2c52fd572a8ae054b8666c2c8d86cb5ac15c9fb865a343f321e572cb9a02990620edfe9e831a
-
SSDEEP
24576:qpfGkpHHwSfNu3sez5AMFVOEwO1Lni2ihn9udbGu5SelMjXiGuvHUoQ:qlGkgNlAOOEf1LnOncAnLjA0oQ
Score
1/10
Malware Config
Signatures
Processes
-
C:\Users\Admin\AppData\Local\Temp\28cfd47fd5fb68570d68018fe85c30350c7adbc2fbd58451feead1f64de5d17d.exe"C:\Users\Admin\AppData\Local\Temp\28cfd47fd5fb68570d68018fe85c30350c7adbc2fbd58451feead1f64de5d17d.exe"1⤵
Network
-
DNS14.110.152.52.in-addr.arpaRemote address:8.8.8.8:53Request14.110.152.52.in-addr.arpaIN PTRResponse -
DNSa.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpaRemote address:8.8.8.8:53Requesta.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpaIN PTRResponse
-
93.184.221.240:80
-
209.197.3.8:80
-
93.184.221.240:80
-
20.189.173.14:443
-
93.184.221.240:80
-
93.184.221.240:80
-
67.26.111.254:80 -
67.26.111.254:80
-
8.8.8.8:5314.110.152.52.in-addr.arpadns
DNS Request
14.110.152.52.in-addr.arpa
-
8.8.8.8:53a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpadns
DNS Request
a.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.3.0.0.0.5.0.8.0.0.3.0.1.3.0.6.2.ip6.arpa
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
196KB
-
Filesize
196KB