Analysis

  • max time kernel
    143s
  • max time network
    68s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    01/01/2024, 03:36 UTC

General

  • Target

    3bc87fae926de9755374557d8c395e69.exe

  • Size

    1.8MB

  • MD5

    3bc87fae926de9755374557d8c395e69

  • SHA1

    f767e0c94824c283b77510b13127cb9b501ee649

  • SHA256

    7b79c7605cc2744c636613b1f9f0ea117aeea85f1b47731b8731c910042cc16c

  • SHA512

    0b9005d423f0425b546e20b286d2dcf0b01c466431e189ad9ef6421970f8189acb026b75133440e1f168cc765f96ebd99b4e884bae619cea9cdf357094ec316c

  • SSDEEP

    49152:I4sV+WblY66fB33/s36yg+MslFoAJ6qyxBrylaYJ:14+d665HELg+L0RBGlaO

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\3bc87fae926de9755374557d8c395e69.exe
    "C:\Users\Admin\AppData\Local\Temp\3bc87fae926de9755374557d8c395e69.exe"
    1⤵
      PID:3664

    Network

    • flag-us
      DNS
      71.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      71.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      208.194.73.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      208.194.73.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      180.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      180.178.17.96.in-addr.arpa
      IN PTR
      Response
      180.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-180.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      241.154.82.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      241.154.82.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      205.47.74.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      205.47.74.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      50.23.12.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.23.12.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      41.110.16.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      41.110.16.96.in-addr.arpa
      IN PTR
      Response
      41.110.16.96.in-addr.arpa
      IN PTR
      a96-16-110-41.deploy.static.akamaitechnologies.com

    MITRE ATT&CK Matrix
