c8dd7711a2238806aec0eda2dc7711de1c864ceeb2bf1a0005b656c0f3d0d023 | Triage

Analysis

max time kernel
91s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
23/09/2023, 17:50 UTC

Sharing

Report Analysis Logs

General

Target

TestAssembly-N20.exe
Size

5KB
MD5

5dbd3808d6e92e22cd61a9ce479c11d4
SHA1

315bcb9e58d858ea936581ae38b2de47b4b7d4ab
SHA256

c8dd7711a2238806aec0eda2dc7711de1c864ceeb2bf1a0005b656c0f3d0d023
SHA512

494e8e673d2e1cde1607ac396e4ad44d01eca51fe2db14b6b96ed18eb09553286bbabc2d9a924e57815778fc3dd81872401f0bf6126ce3ab53b1d3506aca9461
SSDEEP

48:6+FIDKRwHB26rNPwx++MMkhLKO1uMu7Yt3slKaNi1tm2lPplJyFypfbNtm:4WRWB26BPws7k1k8lKxD9zNt

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\TestAssembly-N20.exe
"C:\Users\Admin\AppData\Local\Temp\TestAssembly-N20.exe"
1⤵
PID:1236

Network

DNS

68.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.32.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

208.194.73.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

208.194.73.20.in-addr.arpa

IN PTR

Response
DNS

9.228.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.228.82.20.in-addr.arpa

IN PTR

Response
DNS

198.1.85.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.1.85.104.in-addr.arpa

IN PTR

Response

198.1.85.104.in-addr.arpa

IN PTR

a104-85-1-198deploystaticakamaitechnologiescom
DNS

59.128.231.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.128.231.4.in-addr.arpa

IN PTR

Response
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

113.208.253.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

113.208.253.8.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

68.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

68.32.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

208.194.73.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

208.194.73.20.in-addr.arpa
8.8.8.8:53

9.228.82.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

9.228.82.20.in-addr.arpa
8.8.8.8:53

198.1.85.104.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

198.1.85.104.in-addr.arpa
8.8.8.8:53

59.128.231.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

59.128.231.4.in-addr.arpa
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

26.35.223.20.in-addr.arpa
8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

113.208.253.8.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

113.208.253.8.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1236-0-0x000000001B530000-0x000000001B592000-memory.dmp

Filesize
392KB

Download
memory/1236-1-0x00007FFD294E0000-0x00007FFD29E81000-memory.dmp

Filesize
9.6MB

Download
memory/1236-2-0x00007FFD294E0000-0x00007FFD29E81000-memory.dmp

Filesize
9.6MB

Download
memory/1236-3-0x0000000000CD0000-0x0000000000CE0000-memory.dmp

Filesize
64KB

Download
memory/1236-5-0x00007FFD294E0000-0x00007FFD29E81000-memory.dmp

Filesize
9.6MB

Download