c8ed4ce42d2f0ccc51b3e9f8f2a329d3e4f71350c80a70c786dc9eea8a7d18c5

Analysis

max time kernel
400s
max time network
436s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
26/11/2023, 16:38 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Lethal Company/MonoBleedingEdge/etc/mono/4.5/DefaultWsdlHelpGenerator.js
Size

59KB
MD5

f7be9f1841ff92f9d4040aed832e0c79
SHA1

b3e4b508aab3cf201c06892713b43ddb0c43b7ae
SHA256

751861040b69ea63a3827507b7c8da9c7f549dc181c1c8af4b7ca78cc97d710a
SHA512

380e97f7c17ee0fdf6177ed65f6e30de662a33a8a727d9f1874e9f26bd573434c3dedd655b47a21b998d32aaa72a0566df37e901fd6c618854039d5e0cbef3f5
SSDEEP

768:6CEPutHjvpMgMwP9h5Ij7khsp/6JtEZwMXVtkUI3t3CXyEyk3VbNbqDvJ4oT1y:/r6CdsCOZwMX3k5dWyklh+Dvbw

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\wscript.exe
wscript.exe "C:\Users\Admin\AppData\Local\Temp\Lethal Company\MonoBleedingEdge\etc\mono\4.5\DefaultWsdlHelpGenerator.js"
1⤵
PID:3272

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

59.128.231.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.128.231.4.in-addr.arpa

IN PTR

Response
DNS

147.255.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.255.221.88.in-addr.arpa

IN PTR

Response

147.255.221.88.in-addr.arpa

IN PTR

a88-221-255-147deploystaticakamaitechnologiescom
DNS

75.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

75.159.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

158.240.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

158.240.127.40.in-addr.arpa

IN PTR

Response
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

192.240.110.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

192.240.110.104.in-addr.arpa

IN PTR

Response

192.240.110.104.in-addr.arpa

IN PTR

a104-110-240-192deploystaticakamaitechnologiescom
DNS

254.209.247.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

254.209.247.8.in-addr.arpa

IN PTR

Response
DNS

84.65.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.65.42.20.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

59.128.231.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

59.128.231.4.in-addr.arpa
8.8.8.8:53

147.255.221.88.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

147.255.221.88.in-addr.arpa
8.8.8.8:53

75.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

75.159.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

158.240.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

158.240.127.40.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

192.240.110.104.in-addr.arpa

dns

74 B
141 B
1
1

DNS Request

192.240.110.104.in-addr.arpa
8.8.8.8:53

254.209.247.8.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

254.209.247.8.in-addr.arpa
8.8.8.8:53

84.65.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

84.65.42.20.in-addr.arpa

Windows 7 deprecation

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.