3a60c730ea7f45abe8349122280c7f72fc773617f54c1dca68bc395ae1c26a08

Analysis

max time kernel
92s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
27/01/2024, 12:33 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7a445a3ee8d3afa861a506c396ea811e.exe
Size

24KB
MD5

7a445a3ee8d3afa861a506c396ea811e
SHA1

27433b6daa2be03f31a6247fe6af3358ff4edc96
SHA256

3a60c730ea7f45abe8349122280c7f72fc773617f54c1dca68bc395ae1c26a08
SHA512

734cedb82a8ec82c8d4f319e7aaf07229e8c4cbc7de9b976811beeae30b4f50b08a56bc1e08f4c747a60a3a4353d97bfc139859045f5020b0ba5c7277f6f8612
SSDEEP

192:/TmXJatIpkd00DSOe9QXhvpcoH/tHe8l8WycZQLu:/TmQtIpV0DSOeeRhch8l8WycZQLu

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2384	7a445a3ee8d3afa861a506c396ea811e.exe

C:\Users\Admin\AppData\Local\Temp\7a445a3ee8d3afa861a506c396ea811e.exe
"C:\Users\Admin\AppData\Local\Temp\7a445a3ee8d3afa861a506c396ea811e.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2384

Network

DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR

Response
DNS

177.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.178.17.96.in-addr.arpa

IN PTR

Response

177.178.17.96.in-addr.arpa

IN PTR

a96-17-178-177deploystaticakamaitechnologiescom
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

97.17.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.17.167.52.in-addr.arpa

IN PTR

Response
DNS

133.211.185.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.211.185.52.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

0.205.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.205.248.87.in-addr.arpa

IN PTR

Response

0.205.248.87.in-addr.arpa

IN PTR

https-87-248-205-0lgwllnwnet
DNS

204.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

204.178.17.96.in-addr.arpa

IN PTR

Response

204.178.17.96.in-addr.arpa

IN PTR

a96-17-178-204deploystaticakamaitechnologiescom
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

208.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

208.178.17.96.in-addr.arpa

IN PTR

Response

208.178.17.96.in-addr.arpa

IN PTR

a96-17-178-208deploystaticakamaitechnologiescom

138.91.171.81:80

46 B
1

8.8.8.8:53

154.239.44.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

154.239.44.20.in-addr.arpa
8.8.8.8:53

177.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

177.178.17.96.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

97.17.167.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

97.17.167.52.in-addr.arpa
8.8.8.8:53

133.211.185.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

133.211.185.52.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

0.205.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

0.205.248.87.in-addr.arpa
8.8.8.8:53

204.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

204.178.17.96.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

208.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

208.178.17.96.in-addr.arpa

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.