Analysis
max time kernel: 143s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20231023-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231023-en, locale:en-us, os:windows10-2004-x64, system
submitted: 30-10-2023 09:26
Behavioral task: behavioral1
Sample: 572515c5a112fc063cc78c0b063c2366062ef37b02588fefe31bb0abae3cd8ca.rar
Resource: win7-20231025-en

Behavioral task: behavioral2
Sample: 572515c5a112fc063cc78c0b063c2366062ef37b02588fefe31bb0abae3cd8ca.rar
Resource: win10v2004-20231020-en

Behavioral task: behavioral3
Sample: Cyberpunk 2077 v2.0-v2.01 Plus 42 Trainer.exe
Resource: win7-20231020-en

Behavioral task: behavioral4
Sample: Cyberpunk 2077 v2.0-v2.01 Plus 42 Trainer.exe
Resource: win10v2004-20231023-en

Behavioral task: behavioral5
Sample: 游侠网最新单机游戏.url
Resource: win7-20231023-en

Behavioral task: behavioral6
Sample: 游侠网最新单机游戏.url
Resource: win10v2004-20231023-en

Behavioral task: behavioral7
Sample: 游侠网热门MOD补丁.url
Resource: win7-20231020-en

Behavioral task: behavioral8
Sample: 游侠网热门MOD补丁.url
Resource: win10v2004-20231023-en
General
Target: 游侠网热门MOD补丁.url
Size: 183B
MD5: 1240cb2f6fdcd17b166496bd17f72cb6
SHA1: 2c4e10cb34c961bd93b977f138a2b04a0fde54d0
SHA256: b309f388ad3192343d775f071c46d20e2c7cfff64e757c20071f164eb46be0e5
SHA512: 3723249fb3b771aa4b2fb17d535b2aee241dcd16091c90ec55993c1821f1b29f919406ae012b8ce7bf446616acd401cd4ccedbbff254d6b90f1027364c16e690
Malware Config
Signatures
Processes
Network