Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

arpaname.exe

windows7-x64

arpaname.exe

windows10-2004-x64

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

ddns-confgen.exe

windows7-x64

ddns-confgen.exe

windows10-2004-x64

delv.exe

windows7-x64

delv.exe

windows10-2004-x64

dig.exe

windows7-x64

dig.exe

windows10-2004-x64

dnssec-dsfromkey.exe

windows7-x64

dnssec-dsfromkey.exe

windows10-2004-x64

dnssec-importkey.exe

windows7-x64

dnssec-importkey.exe

windows10-2004-x64

dnssec-key...el.exe

windows7-x64

dnssec-key...el.exe

windows10-2004-x64

dnssec-keygen.exe

windows7-x64

dnssec-keygen.exe

windows10-2004-x64

dnssec-revoke.exe

windows7-x64

dnssec-revoke.exe

windows10-2004-x64

dnssec-settime.exe

windows7-x64

dnssec-settime.exe

windows10-2004-x64

dnssec-signzone.exe

windows7-x64

dnssec-signzone.exe

windows10-2004-x64

dnssec-verify.exe

windows7-x64

dnssec-verify.exe

windows10-2004-x64

genrandom.exe

windows7-x64

genrandom.exe

windows10-2004-x64

host.exe

windows7-x64

host.exe

windows10-2004-x64

Analysis

  • max time kernel
    10s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:23

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\dnssec-keygen.exe command="C:\Users\Admin\AppData\Local\Temp\dnssec-keygen.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
Report Analysis Logs

General

  • Target

    dnssec-keygen.exe

  • Size

    108KB

  • MD5

    2a371e4b22ce397a6bb7c8cca389269e

  • SHA1

    e5dc35e88277dc3f51be0077aa7771624278f619

  • SHA256

    f50c995baa5b86d1cd0ec83c795eb0f242908b0419097c9026c37f449bbf452b

  • SHA512

    693cd1d2932ce2b70f29036e00abc27a10ca6c9aa1b446fd71a44a33bd0f698bebdad90f418f8c3ec48343daa838ded0762be5f95e4e47f2d72f982aabf681a4

  • SSDEEP

    3072:myvIR8iRKf0VeCB8SOZ418RqJZ3KWgsX9c59mUP:FvQf00Vh1OZ3P

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\dnssec-keygen.exe
    "C:\Users\Admin\AppData\Local\Temp\dnssec-keygen.exe"
    1⤵
      PID:2820

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2820-0-0x0000000000400000-0x000000000042B000-memory.dmp

      Filesize

      172KB

      Download