Overview

overview

8

Static

static

3

sddp-17.2....up.zip

windows10-1703-x64

1

SddpReleas...ng.pdf

windows10-1703-x64

1

SddpReleas...sp.pdf

windows10-1703-x64

1

SddpReleas...or.pdf

windows10-1703-x64

1

changelog.txt

windows10-1703-x64

1

online-changelog.url

windows10-1703-x64

7

sddp-17.2....up.exe

windows10-1703-x64

8

Resubmissions

09/05/2023, 17:51 UTC

230509-wfk5mafb5t 8

09/05/2023, 17:46 UTC

230509-wb98ysfb3x 7

08/05/2023, 22:53 UTC

230508-2vgcwaeh8s 7

Analysis

  • max time kernel
    398s
  • max time network
    441s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    09/05/2023, 17:51 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sddp-17.2.4rc1-setup.zip

  • Size

    134.3MB

  • MD5

    337781bb71eb8d72976d4aeb9b05bd5c

  • SHA1

    481967deb47a66320a9fdd89d6c9f08d78b186b5

  • SHA256

    0f71c6bbe9353075c70df8fa35b8ae16ba04c87d2f40b4a53d97481afc30b1f1

  • SHA512

    7bf0e943861f535947197a820260632e5d1a97069c791029431fedcd1ce685e60587b9891eefaa748b2fb95de95486a161a7c351b102dacbec3ee4c21de5ebca

  • SSDEEP

    3145728:EluV2j8rnmxkOZZ01itPuJFR6WZO23u0NvZBmkvsBcBPoL:Elfjqmqb2uLgWZOTaHHvPU

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\sddp-17.2.4rc1-setup.zip
    1⤵
      PID:3124

    Network

    • flag-us
      DNS
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      IN PTR
      Response
    • flag-us
      DNS
      86.8.109.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      86.8.109.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      50.4.107.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.4.107.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      90.16.208.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      90.16.208.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      240.221.184.93.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.221.184.93.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      dns
      118 B
       182 B
       1
      1

      DNS Request

      0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa

    • 8.8.8.8:53
      86.8.109.52.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      86.8.109.52.in-addr.arpa

    • 8.8.8.8:53
      50.4.107.13.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      50.4.107.13.in-addr.arpa

    • 8.8.8.8:53
      90.16.208.104.in-addr.arpa
      dns
      72 B
       146 B
       1
      1

      DNS Request

      90.16.208.104.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      240.221.184.93.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      240.221.184.93.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.