a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757 | Triage

Analysis

max time kernel
159s
max time network
163s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
24/11/2022, 00:01 UTC

Sharing

Report Analysis Logs

General

Target

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe
Size

60KB
MD5

011ab67720e52c6491395b0588412441
SHA1

633f07c5fe4091e3e7076aa879c76dd49c2deca5
SHA256

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757
SHA512

9b9ba2dbdb66bbb67d588059bd28df17f91e925bdd3ca00d696d19630570b062ca1d7cc76682729fe637ce5731a3561a3ac7c41efe15a1f5463d0557753c95da
SSDEEP

768:7JrZLkxtxWlsY/DyBJFX8286iX0XskkU5tYHrNbKvSf5hc6bdvr:V1LYDN+XAfiP5hc6bdvr

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1672	a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe
1672	a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

C:\Users\Admin\AppData\Local\Temp\a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe
"C:\Users\Admin\AppData\Local\Temp\a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1672

Network

DNS

updatemygame.3d-game.com

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

Remote address:

8.8.8.8:53

Request

updatemygame.3d-game.com

IN A

Response

updatemygame.3d-game.com

IN A

198.58.118.167

updatemygame.3d-game.com

IN A

45.33.20.235

updatemygame.3d-game.com

IN A

45.33.23.183

updatemygame.3d-game.com

IN A

45.33.2.79

updatemygame.3d-game.com

IN A

72.14.178.174

updatemygame.3d-game.com

IN A

45.79.19.196

updatemygame.3d-game.com

IN A

173.255.194.134

updatemygame.3d-game.com

IN A

45.33.18.44

updatemygame.3d-game.com

IN A

45.56.79.23

updatemygame.3d-game.com

IN A

45.33.30.197

updatemygame.3d-game.com

IN A

72.14.185.43

updatemygame.3d-game.com

IN A

96.126.123.244

198.58.118.167:8080

updatemygame.3d-game.com

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

152 B
3
45.33.20.235:8080

updatemygame.3d-game.com

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

152 B
3
45.33.23.183:8080

updatemygame.3d-game.com

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

152 B
3
45.33.2.79:8080

updatemygame.3d-game.com

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

152 B
3
72.14.178.174:8080

updatemygame.3d-game.com

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

152 B
3

8.8.8.8:53

updatemygame.3d-game.com

dns

a725e690f10a9681fbe2423f9c1fa83f823479d4ad35102fc82e090ff5980757.exe

70 B
262 B
1
1

DNS Request

updatemygame.3d-game.com

DNS Response

198.58.118.167

45.33.20.235

45.33.23.183

45.33.2.79

72.14.178.174

45.79.19.196

173.255.194.134

45.33.18.44

45.56.79.23

45.33.30.197

72.14.185.43

96.126.123.244

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1672-57-0x0000000075C51000-0x0000000075C53000-memory.dmp

Filesize
8KB

Download