696431978daadd33a28841320659835ba8db8080a535b8f35e9e60701ab8b491

Resubmissions

29/06/2023, 14:46 UTC

230629-r5stjsdf66 5

29/06/2023, 14:43 UTC

230629-r3tm3aed4y 5

Analysis

max time kernel
133s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
29/06/2023, 14:43 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cmdline-tools/lib/apkparser/analyzer/analyzer.jar
Size

104KB
MD5

bd30b848fcb384ec4c2b7d893fb41c70
SHA1

8140675a71eb2ea4b90e498d43151b31c64b8d96
SHA256

b71e99a703a1b5337062be09097199f7136ef7c6695f422ab29df36cdc0e45b2
SHA512

6b0cd2f0e2fdc703de727a5d0be4898e576a7c7821234a8850866ff5de0c367a9f5b1706f19abda3d4a9ccf1e5f22687ad700776d7b8173bf550f6727b577c99
SSDEEP

1536:AGmSUnU8pxihf8JTWz2Z+xntgDhosE9ANI9DX/e4r+VvUnoS40OgV84T4Gf3sLXW:+SUn1pGbyR7IB/Rqp4OXU3sL+BZ

Score

1^/10

Malware Config

Signatures

C:\ProgramData\Oracle\Java\javapath\java.exe
java -jar C:\Users\Admin\AppData\Local\Temp\cmdline-tools\lib\apkparser\analyzer\analyzer.jar
1⤵
PID:1484

Network

DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

68.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.159.190.20.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

8.3.197.209.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.3.197.209.in-addr.arpa

IN PTR

Response

8.3.197.209.in-addr.arpa

IN PTR

vip0x008map2sslhwcdnnet
DNS

2.36.159.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.36.159.162.in-addr.arpa

IN PTR

Response
DNS

64.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.159.190.20.in-addr.arpa

IN PTR

Response
DNS

6.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.0.3.0.1.3.0.6.2.ip6.arpa

Remote address:

8.8.8.8:53

Request

6.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.0.3.0.1.3.0.6.2.ip6.arpa

IN PTR

Response
DNS

240.81.21.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.81.21.72.in-addr.arpa

IN PTR

Response
DNS

134.17.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.17.126.40.in-addr.arpa

IN PTR

Response
DNS

216.74.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.74.101.95.in-addr.arpa

IN PTR

Response

216.74.101.95.in-addr.arpa

IN PTR

a95-101-74-216deploystaticakamaitechnologiescom
DNS

202.74.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.74.101.95.in-addr.arpa

IN PTR

Response

202.74.101.95.in-addr.arpa

IN PTR

a95-101-74-202deploystaticakamaitechnologiescom

52.165.164.15:443

tls

1.6kB
9
178.79.208.1:80

260 B
5
40.126.17.132:443

260 B
5
178.79.208.1:80

322 B
7

8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

68.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

68.159.190.20.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

8.3.197.209.in-addr.arpa

dns

70 B
111 B
1
1

DNS Request

8.3.197.209.in-addr.arpa
8.8.8.8:53

2.36.159.162.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

2.36.159.162.in-addr.arpa
8.8.8.8:53

64.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.159.190.20.in-addr.arpa
8.8.8.8:53

6.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.0.3.0.1.3.0.6.2.ip6.arpa

dns

118 B
204 B
1
1

DNS Request

6.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.0.3.0.1.3.0.6.2.ip6.arpa
8.8.8.8:53

240.81.21.72.in-addr.arpa

dns

71 B
142 B
1
1

DNS Request

240.81.21.72.in-addr.arpa
8.8.8.8:53

134.17.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

134.17.126.40.in-addr.arpa
8.8.8.8:53

216.74.101.95.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

216.74.101.95.in-addr.arpa
8.8.8.8:53

202.74.101.95.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

202.74.101.95.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1484-143-0x0000000002A60000-0x0000000002A61000-memory.dmp

Filesize
4KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.