Analysis
- max time kernel: 142s
- max time network: 145s
- platform: windows10-2004_x64
- resource: win10v2004-20230703-en
- resource tags: arch:x64 arch:x86 image:win10v2004-20230703-en locale:en-us os:windows10-2004-x64 system
- submitted: 16-07-2023 02:32
Behavioral task
behavioral1
Sample
2924-71-0x0000000000400000-0x0000000000465000-memory.exe
Resource
win7-20230712-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
2924-71-0x0000000000400000-0x0000000000465000-memory.exe
Resource
win10v2004-20230703-en
windows10-2004-x64
1 signatures
150 seconds
General
- Target: 2924-71-0x0000000000400000-0x0000000000465000-memory.exe
- Size: 404KB
- MD5: 80cc442eb653559d9ffa32fb28c07160
- SHA1: be7c5f27350ceae8004b4f19fb0fd17ab35743e7
- SHA256: 30d294a32a2256eef72f8e24b3dba3d5fe9b2d78bf46ca3124634d65ea1a07fe
- SHA512: c01a9381f470b7247791c370d63caa84e6fc91b119ad401ffff8839a8cff98977e1a30d755aa7f8ea61e6984833cf9345bbc219ad0908f0c2180aa12cb8c416b
- SSDEEP: 1536:vTTy+C/J9jTXFQ/KL3TmA2KisLQOTqEbvze2pX:rT5C/JZTFQiLWKxLXTH/pX
- Score: 1/10
Malware Config
Signatures
- Suspicious use of SetWindowsHookEx (1 IoCs)
  pid: 1764, process: 2924-71-0x0000000000400000-0x0000000000465000-memory.exe
Processes
Network