Overview

overview

3

Static

static

3

Desktop Go...mn.dll

windows7-x64

1

Desktop Go...mn.dll

windows10-2004-x64

1

Desktop Go...se.bat

windows7-x64

1

Desktop Go...se.bat

windows10-2004-x64

1

Desktop Go...od.dll

windows7-x64

1

Desktop Go...od.dll

windows10-2004-x64

1

Desktop Go...PI.dll

windows7-x64

1

Desktop Go...PI.dll

windows10-2004-x64

1

Desktop Go...od.dll

windows7-x64

1

Desktop Go...od.dll

windows10-2004-x64

1

Desktop Go...PI.dll

windows7-x64

1

Desktop Go...PI.dll

windows10-2004-x64

1

Desktop Go...PI.dll

windows7-x64

1

Desktop Go...PI.dll

windows10-2004-x64

1

Desktop Go...op.exe

windows7-x64

1

Desktop Go...op.exe

windows10-2004-x64

1

Desktop Go...PI.dll

windows7-x64

1

Desktop Go...PI.dll

windows10-2004-x64

1

Desktop Go...MQ.dll

windows7-x64

1

Desktop Go...MQ.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    74s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/05/2023, 19:54 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Desktop Goose v0.31/DesktopGoose v0.31/FOR MOD-MAKERS/GooseMod_DefaultSolution/GooseModdingAPI/bin/Release/GooseModdingAPI.dll

  • Size

    16KB

  • MD5

    6f6c8f80d6c36739147b38016bd4b469

  • SHA1

    bf0f81a00ccc595242620b15ade2a0661424d9e3

  • SHA256

    fba607ccfd47e2b6ba04d449f1de10e3b66ba35b7d0e96f71e7c61d0c10486f4

  • SHA512

    1b3d6da8eedc140f3836c60eadc5251870d01db99e72d33ec0b2a585e2e4b2f7e643e2a12ad42f8e6d8704e8af67ca1df728acdbe18c614a1b8f6746d0c3fbc6

  • SSDEEP

    384:nBjGRs3XVRcYEPPPr/TXRTRGYK4swkqUICTy5o:BjGe3XVRvEPPPr/TXRTRGSCTy5o

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Desktop Goose v0.31\DesktopGoose v0.31\FOR MOD-MAKERS\GooseMod_DefaultSolution\GooseModdingAPI\bin\Release\GooseModdingAPI.dll",#1
    1⤵
      PID:4116

    Network

    • flag-us
      DNS
      149.220.183.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      149.220.183.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      2.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      2.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      28.118.140.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      28.118.140.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      157.123.68.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      157.123.68.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      206.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      206.23.85.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      64.13.109.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      64.13.109.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      2.36.159.162.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      2.36.159.162.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      206.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      206.23.85.13.in-addr.arpa
      IN PTR
      Response
    • 40.125.122.151:443
      260 B
       5
    • 20.189.173.15:443
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 173.223.113.164:443
      322 B
       7
    • 173.223.113.131:80
      322 B
       7
    • 131.253.33.203:80
      322 B
       7
    • 13.107.4.50:80
      322 B
       7
    • 93.184.220.29:80
      322 B
       7
    • 8.8.8.8:53
      149.220.183.52.in-addr.arpa
      dns
      73 B
       147 B
       1
      1

      DNS Request

      149.220.183.52.in-addr.arpa

    • 8.8.8.8:53
      2.159.190.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      2.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      28.118.140.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      28.118.140.52.in-addr.arpa

    • 8.8.8.8:53
      157.123.68.40.in-addr.arpa
      dns
      72 B
       146 B
       1
      1

      DNS Request

      157.123.68.40.in-addr.arpa

    • 8.8.8.8:53
      206.23.85.13.in-addr.arpa
      dns
      71 B
       145 B
       1
      1

      DNS Request

      206.23.85.13.in-addr.arpa

    • 8.8.8.8:53
      64.13.109.52.in-addr.arpa
      dns
      71 B
       145 B
       1
      1

      DNS Request

      64.13.109.52.in-addr.arpa

    • 8.8.8.8:53
      2.36.159.162.in-addr.arpa
      dns
      71 B
       133 B
       1
      1

      DNS Request

      2.36.159.162.in-addr.arpa

    • 8.8.8.8:53
      206.23.85.13.in-addr.arpa
      dns
      71 B
       145 B
       1
      1

      DNS Request

      206.23.85.13.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.