98e176603a5ce4a3f16fd4c952635c663061a73c6482a8ea25f385519e71691b | Triage

Analysis

max time kernel
142s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
07/07/2023, 14:15 UTC

Sharing

Report Analysis Logs

General

Target

ModernWpf.dll
Size

985KB
MD5

85b01ab1a579c52563f7ca8b750658ff
SHA1

963e7d7c734203828c4e2c5569eea0d895c1c17d
SHA256

9c5f0b80fd4b47c4d6ee4b17558c234fa1bfc3a3dea05260ac9a41a9dbbba9d7
SHA512

8492378286d23d4fba816ca38e13ff007aadea522555f9dd03d900d4d5cf29243e6ecba50bcc6967cc158c060d92ca91f166e5634267684409e3869538820509
SSDEEP

12288:QSv4w7pPaAXYqD9J/ohIrksBi7cNfak15I37TLO4aI37:QSBlC7qDL2PsBi7cNfaks37/O4z37

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\ModernWpf.dll,#1
1⤵
PID:4992

Network

DNS

0.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.159.190.20.in-addr.arpa

IN PTR

Response
DNS

8.3.197.209.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.3.197.209.in-addr.arpa

IN PTR

Response

8.3.197.209.in-addr.arpa

IN PTR

vip0x008map2sslhwcdnnet
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

171.39.242.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.39.242.20.in-addr.arpa

IN PTR

Response
DNS

254.129.241.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

254.129.241.8.in-addr.arpa

IN PTR

Response
DNS

0.77.109.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.77.109.52.in-addr.arpa

IN PTR

Response
DNS

6.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.173.189.20.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

0.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

0.159.190.20.in-addr.arpa
8.8.8.8:53

8.3.197.209.in-addr.arpa

dns

70 B
111 B
1
1

DNS Request

8.3.197.209.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

171.39.242.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

171.39.242.20.in-addr.arpa
8.8.8.8:53

254.129.241.8.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

254.129.241.8.in-addr.arpa
8.8.8.8:53

0.77.109.52.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

0.77.109.52.in-addr.arpa
8.8.8.8:53

6.173.189.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

6.173.189.20.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads