Analysis Overview
SHA256
3c30eee540fd9371e5010a322a99e8a169b4a997145dfda5ded0a76f444268f4
Threat Level: Known bad
The file 10021237008.zip was found to be: Known bad.
Malicious Activity Summary
Systembc family
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2023-04-11 18:09
Signatures
Systembc family
Analysis: behavioral1
Detonation Overview
Submitted
2023-04-11 18:09
Reported
2023-04-11 18:12
Platform
win7-20230220-en
Max time kernel
31s
Max time network
33s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe
"C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe"
Network
| Country | Destination | Domain | Proto |
| LT | 93.115.28.138:443 | | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2023-04-11 18:09
Reported
2023-04-11 18:12
Platform
win10v2004-20230220-en
Max time kernel
81s
Max time network
128s
Command Line
Signatures
Processes
C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe
"C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 232.168.11.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.211.229.192.in-addr.arpa | udp |
| LT | 93.115.28.138:443 | | tcp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets.msn.com | udp |
| GB | 95.101.143.232:443 | assets.msn.com | tcp |
| US | 8.8.8.8:53 | 232.143.101.95.in-addr.arpa | udp |
| US | 40.77.2.164:443 | | tcp |
| US | 8.8.8.8:53 | 151.122.125.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.77.109.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.36.159.162.in-addr.arpa | udp |
| NL | 87.248.202.1:80 | | tcp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| NL | 173.223.113.164:443 | | tcp |
| NL | 173.223.113.131:80 | | tcp |
| US | 204.79.197.203:80 | api.msn.com | tcp |