Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

ddns-confgen.exe

windows7-x64

ddns-confgen.exe

windows10-2004-x64

dig.exe

windows7-x64

dig.exe

windows10-2004-x64

dnssec-dsfromkey.exe

windows7-x64

dnssec-dsfromkey.exe

windows10-2004-x64

dnssec-key...el.exe

windows7-x64

dnssec-key...el.exe

windows10-2004-x64

dnssec-keygen.exe

windows7-x64

dnssec-keygen.exe

windows10-2004-x64

dnssec-revoke.exe

windows7-x64

dnssec-revoke.exe

windows10-2004-x64

dnssec-settime.exe

windows7-x64

dnssec-settime.exe

windows10-2004-x64

dnssec-signzone.exe

windows7-x64

dnssec-signzone.exe

windows10-2004-x64

genrandom.exe

windows7-x64

genrandom.exe

windows10-2004-x64

host.exe

windows7-x64

host.exe

windows10-2004-x64

isc-hmac-fixup.exe

windows7-x64

isc-hmac-fixup.exe

windows10-2004-x64

libbind9.dll

windows7-x64

1

libbind9.dll

windows10-2004-x64

1

libdns.dll

windows7-x64

1

libdns.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    153s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07-11-2023 14:44

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\dnssec-signzone.exe command="C:\Users\Admin\AppData\Local\Temp\dnssec-signzone.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Report Analysis Logs

General

  • Target

    dnssec-signzone.exe

  • Size

    136KB

  • MD5

    0f41f99a66a6a416be6c3b8270514233

  • SHA1

    c98efa99b0e80b0daa22671f50e506dafa0874e9

  • SHA256

    0b80060a20cf06576b01abd74d8a7f8a6215c0a15a95ad87a592c9db74f790d5

  • SHA512

    598805fc03f4a0f8d1b172b52d6cf4c09d6a40368588e6982b5bac6d910f8f3b150254b9ba004ccf6afc5e1c058a0597bf8764156e7a15027b3b2c28e1b63473

  • SSDEEP

    1536:wteyzr/magvl6AckcBzXK4bjrmoNW6NO8rcgyrLfC3HpFKs24GAYGUNL:+/+kXaa5RYFy3HpFKs24GAYGUN

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\dnssec-signzone.exe
    "C:\Users\Admin\AppData\Local\Temp\dnssec-signzone.exe"
    1⤵
      PID:2196

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2196-0-0x0000000000400000-0x0000000000432000-memory.dmp

      Filesize

      200KB

      Download