05f0d4ad02290bc85b7f3c0bb3e1fee41a161ef709a173e4706f1d7ecd046cde

Analysis

max time kernel
136s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19/01/2024, 19:06 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6867dd4ec40e99178fad0265e60ade89.exe
Size

1.0MB
MD5

6867dd4ec40e99178fad0265e60ade89
SHA1

9a10ff12fdb7449224ae3986648abcff969b2889
SHA256

05f0d4ad02290bc85b7f3c0bb3e1fee41a161ef709a173e4706f1d7ecd046cde
SHA512

940ff61f7b104189ae56ccd3882d612e4287270acf4bad7fa27a600c700a3d1a5008f117da101d472c329c83c41b5fb40660ad349e858644e68c426fdf601cdb
SSDEEP

24576:YYKkczMWwS7soTjZ5P0qJHSPLaMRR0HFx0KrYEZYE:YYraMWfQoHZ5P/q2gelWKMEOE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral2/memory/3096-0-0x0000000000400000-0x00000000005CF000-memory.dmp	upx
behavioral2/memory/3096-1-0x0000000000400000-0x00000000005CF000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\6867dd4ec40e99178fad0265e60ade89.exe
"C:\Users\Admin\AppData\Local\Temp\6867dd4ec40e99178fad0265e60ade89.exe"
1⤵
PID:3096

Network

DNS

141.166.122.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

141.166.122.92.in-addr.arpa

IN PTR

Response

141.166.122.92.in-addr.arpa

IN PTR

a92-122-166-141deploystaticakamaitechnologiescom
DNS

217.106.137.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.106.137.52.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

75.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

75.159.190.20.in-addr.arpa

IN PTR

Response
DNS

133.211.185.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.211.185.52.in-addr.arpa

IN PTR

Response
DNS

58.55.71.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.55.71.13.in-addr.arpa

IN PTR

Response
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

18.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.134.221.88.in-addr.arpa

IN PTR

Response

18.134.221.88.in-addr.arpa

IN PTR

a88-221-134-18deploystaticakamaitechnologiescom
DNS

43.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.229.111.52.in-addr.arpa

IN PTR

Response
DNS

26.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.73.42.20.in-addr.arpa

IN PTR

Response

138.91.171.81:80

104 B
2

8.8.8.8:53

141.166.122.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

141.166.122.92.in-addr.arpa
8.8.8.8:53

217.106.137.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

217.106.137.52.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

75.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

75.159.190.20.in-addr.arpa
8.8.8.8:53

133.211.185.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

133.211.185.52.in-addr.arpa
8.8.8.8:53

58.55.71.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

58.55.71.13.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
8.8.8.8:53

18.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

18.134.221.88.in-addr.arpa
8.8.8.8:53

43.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

43.229.111.52.in-addr.arpa
8.8.8.8:53

26.73.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

26.73.42.20.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3096-0-0x0000000000400000-0x00000000005CF000-memory.dmp

Filesize
1.8MB

Download
memory/3096-1-0x0000000000400000-0x00000000005CF000-memory.dmp

Filesize
1.8MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.