Resubmissions

21/08/2023, 16:18 UTC

230821-tr7rnafg61 7

21/08/2023, 16:16 UTC

230821-trbdfseb79 3

Analysis

  • max time kernel
    138s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230703-en locale:en-us os:windows10-2004-x64 system
  • submitted
    21/08/2023, 16:18 UTC

General

  • Target

    Monocypher_AEAD_explorer.zip

  • Size

    6.6MB

  • MD5

    368006573d6c362a4d9a7d3c8f08ba90

  • SHA1

    88cc3fb11aa5ecd035ff1151f05c0e2058e9e2d3

  • SHA256

    bc9b8cf8152e01d5bb605de7219cb6713b0201931c53dd9a0011dfce13b030d2

  • SHA512

    62b88cc58f648d69c716e2114df1ed76ce2200a61f9377196d3b251946a64daaae3caaf0ddc21e0c2778ae6885874a509c1382b332354e98687bf8841e83a588

  • SSDEEP

    196608:cehAu+NoTaRic1t21sDtlFtvAT1O3gCoj:c0V+NX1PHtS1Pj

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\Monocypher_AEAD_explorer.zip
    1⤵
      PID:892

    Network

    • flag-us
      DNS
      208.194.73.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      208.194.73.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      126.22.238.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      126.22.238.8.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      75.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      75.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      86.8.109.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      86.8.109.52.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      208.194.73.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      208.194.73.20.in-addr.arpa

    • 8.8.8.8:53
      126.22.238.8.in-addr.arpa
      dns
      71 B
      125 B
      1
      1

      DNS Request

      126.22.238.8.in-addr.arpa

    • 8.8.8.8:53
      75.159.190.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      75.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
      144 B
      1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      86.8.109.52.in-addr.arpa
      dns
      70 B
      144 B
      1
      1

      DNS Request

      86.8.109.52.in-addr.arpa

    MITRE ATT&CK Matrix
