Malware Analysis Report

2025-06-15 21:43

Sample ID 230409-b55v4sge33
Target ee6dd73e3cd04adad8fed498a8a51571.bin
SHA256 05e2eecbb6b1effa3d1662c538d912b846639bb14e5b7c03f18a69ce41e885e4
Tags agilenet
Score 7/10

Analysis Overview

score
7/10

SHA256

05e2eecbb6b1effa3d1662c538d912b846639bb14e5b7c03f18a69ce41e885e4

Threat Level: Shows suspicious behavior

The file ee6dd73e3cd04adad8fed498a8a51571.bin was found to be: Shows suspicious behavior.

Malicious Activity Summary

agilenet

Obfuscated with Agile.Net obfuscator

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-04-09 01:44

Signatures

Obfuscated with Agile.Net obfuscator

agilenet

Analysis: behavioral2

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

70s

Max time network

153s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\BouncyCastle.Crypto.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\BouncyCastle.Crypto.dll,#1

Network

Files

N/A

Analysis: behavioral12

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230221-en

Max time kernel

105s

Max time network

144s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCircleProgress.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCircleProgress.dll,#1

Network

Files

N/A

Analysis: behavioral16

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

58s

Max time network

130s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDataGridView.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDataGridView.dll,#1

Network

Files

N/A

Analysis: behavioral19

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

27s

Max time network

31s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDropdown.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDropdown.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral24

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

65s

Max time network

128s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGauge.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGauge.dll,#1

Network

Files

N/A

Analysis: behavioral25

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

18s

Max time network

32s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGradientPanel.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGradientPanel.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral28

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

82s

Max time network

153s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGroupBox.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGroupBox.dll,#1

Network

Files

N/A

Analysis: behavioral7

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

20s

Max time network

34s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuButton.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuButton.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral21

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

25s

Max time network

32s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuFormDock.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuFormDock.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral22

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230221-en

Max time kernel

128s

Max time network

131s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuFormDock.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuFormDock.dll,#1

Network

Files

N/A

Analysis: behavioral32

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

60s

Max time network

153s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuLabel.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuLabel.dll,#1

Network

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

27s

Max time network

31s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.Licensing.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.Licensing.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral18

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

101s

Max time network

124s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDatePicker.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDatePicker.dll,#1

Network

Files

N/A

Analysis: behavioral20

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

155s

Max time network

163s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDropdown.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDropdown.dll,#1

Network

Files

N/A

Analysis: behavioral26

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

75s

Max time network

150s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGradientPanel.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGradientPanel.dll,#1

Network

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

91s

Max time network

154s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.1.5.3.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.1.5.3.dll,#1

Network

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

83s

Max time network

155s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuButton.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuButton.dll,#1

Network

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

84s

Max time network

146s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCheckBox.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCheckBox.dll,#1

Network

Files

N/A

Analysis: behavioral13

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

29s

Max time network

33s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuColorTransition.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuColorTransition.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral15

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

27s

Max time network

33s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDataGridView.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDataGridView.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

30s

Max time network

34s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\BouncyCastle.Crypto.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\BouncyCastle.Crypto.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

30s

Max time network

33s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCheckBox.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCheckBox.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral14

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

135s

Max time network

155s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuColorTransition.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuColorTransition.dll,#1

Network

Files

N/A

Analysis: behavioral17

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

29s

Max time network

33s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDatePicker.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDatePicker.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral23

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

29s

Max time network

34s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGauge.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGauge.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral27

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

25s

Max time network

31s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGroupBox.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGroupBox.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral30

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

80s

Max time network

125s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuImageButton.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuImageButton.dll,#1

Network

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win10v2004-20230220-en

Max time kernel

117s

Max time network

137s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.Licensing.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.Licensing.dll,#1

Network

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

30s

Max time network

34s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.1.5.3.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.1.5.3.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral11

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

20s

Max time network

35s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCircleProgress.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCircleProgress.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral29

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

30s

Max time network

34s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuImageButton.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuImageButton.dll,#1

Network

N/A

Files

N/A

Analysis: behavioral31

Detonation Overview

Submitted

2023-04-09 01:44

Reported

2023-04-09 01:47

Platform

win7-20230220-en

Max time kernel

30s

Max time network

34s

Command Line

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuLabel.dll,#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuLabel.dll,#1

Network

N/A

Files

N/A