241fb4bbde6814ccca7cd3742248cdbcba9e5e04c1ca35623df4bdc0bb4e6952 | Triage

Analysis

max time kernel
110s
max time network
164s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
21/10/2023, 21:19 UTC

Sharing

Report Analysis Logs

General

Target

NEAS.4af611f6a188ed8e4054f3a7b71c1f90.exe
Size

1.7MB
MD5

4af611f6a188ed8e4054f3a7b71c1f90
SHA1

fdeea025c3bb93e430984b1dcad661bc463f4bc8
SHA256

241fb4bbde6814ccca7cd3742248cdbcba9e5e04c1ca35623df4bdc0bb4e6952
SHA512

43ada975f5cb23fe5c078e5c7148a28b378965b881bbf9e2b8aaaa56c4745616fcd59a1ec7f7400807029ed0baab7e62760924cef7f7953cff9d28cb5e79f415
SSDEEP

24576:Eo+KpPq6TIzkQ50x9Q73KrlAtn0vL1TEVg/g9LPM+4HPrbPtPReryQn7poBI:1CrKx8OEbL4HPrbPtP8ryQ7poBI

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\NEAS.4af611f6a188ed8e4054f3a7b71c1f90.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.4af611f6a188ed8e4054f3a7b71c1f90.exe"
1⤵
PID:3768

Network

DNS

9.228.82.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.228.82.20.in-addr.arpa

IN PTR

Response
DNS

240.221.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.221.184.93.in-addr.arpa

IN PTR

Response
DNS

45.19.74.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

45.19.74.20.in-addr.arpa

IN PTR

Response
DNS

29.81.57.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

29.81.57.23.in-addr.arpa

IN PTR

Response

29.81.57.23.in-addr.arpa

IN PTR

a23-57-81-29deploystaticakamaitechnologiescom
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

26.165.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.165.165.52.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

9.228.82.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

9.228.82.20.in-addr.arpa
8.8.8.8:53

240.221.184.93.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

240.221.184.93.in-addr.arpa
8.8.8.8:53

45.19.74.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

45.19.74.20.in-addr.arpa
8.8.8.8:53

29.81.57.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

29.81.57.23.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

26.165.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

26.165.165.52.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

14.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

14.227.111.52.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads