Analysis Overview
SHA256
05e2eecbb6b1effa3d1662c538d912b846639bb14e5b7c03f18a69ce41e885e4
Threat Level: Shows suspicious behavior
The file ee6dd73e3cd04adad8fed498a8a51571.bin was found to be: Shows suspicious behavior.
Malicious Activity Summary
Obfuscated with Agile.Net obfuscator
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-04-09 01:44
Signatures
Obfuscated with Agile.Net obfuscator
Analysis: behavioral2
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
70s
Max time network
153s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\BouncyCastle.Crypto.dll,#1
Network
Files
Analysis: behavioral12
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230221-en
Max time kernel
105s
Max time network
144s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCircleProgress.dll,#1
Network
Files
Analysis: behavioral16
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
58s
Max time network
130s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDataGridView.dll,#1
Network
Files
Analysis: behavioral19
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
27s
Max time network
31s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDropdown.dll,#1
Network
Files
Analysis: behavioral24
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
65s
Max time network
128s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGauge.dll,#1
Network
Files
Analysis: behavioral25
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
18s
Max time network
32s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGradientPanel.dll,#1
Network
Files
Analysis: behavioral28
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
82s
Max time network
153s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGroupBox.dll,#1
Network
Files
Analysis: behavioral7
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
20s
Max time network
34s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuButton.dll,#1
Network
Files
Analysis: behavioral21
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
25s
Max time network
32s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuFormDock.dll,#1
Network
Files
Analysis: behavioral22
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230221-en
Max time kernel
128s
Max time network
131s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuFormDock.dll,#1
Network
Files
Analysis: behavioral32
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
60s
Max time network
153s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuLabel.dll,#1
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
27s
Max time network
31s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.Licensing.dll,#1
Network
Files
Analysis: behavioral18
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
101s
Max time network
124s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDatePicker.dll,#1
Network
Files
Analysis: behavioral20
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
155s
Max time network
163s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDropdown.dll,#1
Network
Files
Analysis: behavioral26
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
75s
Max time network
150s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGradientPanel.dll,#1
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
91s
Max time network
154s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.1.5.3.dll,#1
Network
Files
Analysis: behavioral8
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
83s
Max time network
155s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuButton.dll,#1
Network
Files
Analysis: behavioral10
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
84s
Max time network
146s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCheckBox.dll,#1
Network
Files
Analysis: behavioral13
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
29s
Max time network
33s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuColorTransition.dll,#1
Network
Files
Analysis: behavioral15
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
27s
Max time network
33s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDataGridView.dll,#1
Network
Files
Analysis: behavioral1
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
30s
Max time network
34s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\BouncyCastle.Crypto.dll,#1
Network
Files
Analysis: behavioral9
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
30s
Max time network
33s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCheckBox.dll,#1
Network
Files
Analysis: behavioral14
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
135s
Max time network
155s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuColorTransition.dll,#1
Network
Files
Analysis: behavioral17
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
29s
Max time network
33s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuDatePicker.dll,#1
Network
Files
Analysis: behavioral23
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
29s
Max time network
34s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGauge.dll,#1
Network
Files
Analysis: behavioral27
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
25s
Max time network
31s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuGroupBox.dll,#1
Network
Files
Analysis: behavioral30
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
80s
Max time network
125s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuImageButton.dll,#1
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win10v2004-20230220-en
Max time kernel
117s
Max time network
137s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.Licensing.dll,#1
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
30s
Max time network
34s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.1.5.3.dll,#1
Network
Files
Analysis: behavioral11
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
20s
Max time network
35s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuCircleProgress.dll,#1
Network
Files
Analysis: behavioral29
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
30s
Max time network
34s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuImageButton.dll,#1
Network
Files
Analysis: behavioral31
Detonation Overview
Submitted
2023-04-09 01:44
Reported
2023-04-09 01:47
Platform
win7-20230220-en
Max time kernel
30s
Max time network
34s
Command Line
Signatures
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Debug\Bunifu.UI.WinForms.BunifuLabel.dll,#1