1cc41d9eb37cf8bb3fbbe10b9c578a690a0d69edf3813294c9c0e90bc9dba37d | Triage

Analysis

max time kernel
135s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
13/03/2023, 10:43 UTC

Sharing

Report Analysis Logs

General

Target

thisismytrialsample.exe
Size

9.6MB
MD5

416c015fc8f740b27cd9e67f2db99954
SHA1

1d87c8846765383d1ca954037ceb9b3d3fce1860
SHA256

1cc41d9eb37cf8bb3fbbe10b9c578a690a0d69edf3813294c9c0e90bc9dba37d
SHA512

d7c406c061e5394e70b145a9d75dfd5f65dc717c6171ed2c399a1b666498c9f739d28f0aa7edb754edb2282776221a12f8ae69920ddcd75e9a7fe9970bced050
SSDEEP

49152:UX2f8JnDn955rzrb/TZvO90d7HjmAFd4A64nsfJgANV0jdd5VQYlQLnTdzCQkvn:UJIYVOJGkucr6BE4Xq3lJv

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\thisismytrialsample.exe
"C:\Users\Admin\AppData\Local\Temp\thisismytrialsample.exe"
1⤵
PID:4660

Network

DNS

76.38.195.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.38.195.152.in-addr.arpa

IN PTR

Response
DNS

183.209.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.209.82.20.in-addr.arpa

IN PTR

Response
DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
DNS

76.188.69.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.188.69.20.in-addr.arpa

IN PTR

Response
DNS

0.77.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.77.109.52.in-addr.arpa

IN PTR

Response
DNS

177.238.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.238.32.23.in-addr.arpa

IN PTR

Response

177.238.32.23.in-addr.arpa

IN PTR

a23-32-238-177deploystaticakamaitechnologiescom
DNS

155.25.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

155.25.221.88.in-addr.arpa

IN PTR

Response

155.25.221.88.in-addr.arpa

IN PTR

a88-221-25-155deploystaticakamaitechnologiescom

127.0.0.1:443

thisismytrialsample.exe
8.238.178.254:80

322 B
7
8.238.178.254:80

322 B
7
93.184.220.29:80

322 B
7
93.184.220.29:80

322 B
7
52.152.110.14:443

260 B
5
127.0.0.1:443

thisismytrialsample.exe
173.223.113.164:443

322 B
7
52.152.110.14:443

260 B
5
8.238.178.254:80

322 B
7
127.0.0.1:443

thisismytrialsample.exe
104.85.1.163:80

322 B
7
204.79.197.203:80

322 B
7
52.152.110.14:443

260 B
5
52.152.110.14:443

260 B
5
127.0.0.1:443

thisismytrialsample.exe
52.152.110.14:443

260 B
5
127.0.0.1:443

thisismytrialsample.exe
52.152.110.14:443

208 B
4

8.8.8.8:53

76.38.195.152.in-addr.arpa

dns

72 B
143 B
1
1

DNS Request

76.38.195.152.in-addr.arpa
8.8.8.8:53

183.209.82.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.209.82.20.in-addr.arpa
8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

76.188.69.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

76.188.69.20.in-addr.arpa
8.8.8.8:53

0.77.109.52.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

0.77.109.52.in-addr.arpa
8.8.8.8:53

177.238.32.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

177.238.32.23.in-addr.arpa
8.8.8.8:53

155.25.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

155.25.221.88.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads