3fb649690f218cb4c1f3953a8437784f73bd48b9ef264b701d121818b846013d

Analysis

max time kernel
135s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
14/03/2023, 03:36 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3fb649690f218cb4c1f3953a8437784f73bd48b9ef264b701d121818b846013d.exe
Size

3.8MB
MD5

c1e42455880490955353aac4ed1386ab
SHA1

6a3641595c5bafff28d1a32851a039c90c626e0b
SHA256

3fb649690f218cb4c1f3953a8437784f73bd48b9ef264b701d121818b846013d
SHA512

87490ab945a9b33fe04e3ee1e74c114da9316c0ffc58e48fb2042863af120c84bc9b50d90b0fdc6c45ade97d1764d278e005cb7895eca6c5a97e907c0d4a76ec
SSDEEP

49152:uqh87KDZDXD1Ze31JqNnzYN55T3TtiRa9Q7M09Dr83OW9XOY10/Q9j+x7aNz3:uqh8GVT18FJaw5ORa9c9W9wSZN7

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\3fb649690f218cb4c1f3953a8437784f73bd48b9ef264b701d121818b846013d.exe
"C:\Users\Admin\AppData\Local\Temp\3fb649690f218cb4c1f3953a8437784f73bd48b9ef264b701d121818b846013d.exe"
1⤵
PID:788

Network

DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

210.81.184.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.81.184.52.in-addr.arpa

IN PTR

Response
DNS

132.17.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.17.126.40.in-addr.arpa

IN PTR

Response
DNS

177.238.32.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.238.32.23.in-addr.arpa

IN PTR

Response

177.238.32.23.in-addr.arpa

IN PTR

a23-32-238-177deploystaticakamaitechnologiescom
DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

199.176.139.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

199.176.139.52.in-addr.arpa

IN PTR

Response
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR

Response
DNS

45.8.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

45.8.109.52.in-addr.arpa

IN PTR

Response

67.24.35.254:80

322 B
7
67.24.35.254:80

322 B
7
52.152.110.14:443

260 B
5
20.189.173.9:443

322 B
7
52.152.110.14:443

260 B
5
67.24.35.254:80

322 B
7
173.223.113.164:443

322 B
7
173.223.113.131:80

322 B
7
204.79.197.203:80

322 B
7
52.152.110.14:443

260 B
5
52.152.110.14:443

260 B
5
52.152.110.14:443

260 B
5
52.152.110.14:443

260 B
5

8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

210.81.184.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

210.81.184.52.in-addr.arpa
8.8.8.8:53

132.17.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

132.17.126.40.in-addr.arpa
8.8.8.8:53

177.238.32.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

177.238.32.23.in-addr.arpa
8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

199.176.139.52.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

199.176.139.52.in-addr.arpa
8.8.8.8:53

196.249.167.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

196.249.167.52.in-addr.arpa
8.8.8.8:53

45.8.109.52.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

45.8.109.52.in-addr.arpa

Windows 7 deprecation

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.