920ee4d6e16da14af70de3df554004024590cd31ac4b57c5338761b7838b3291 | Triage

Resubmissions

02/02/2024, 15:59 UTC

240202-te4t8scbdp 10

02/02/2024, 15:54 UTC

240202-tcesbscahk 10

Analysis

max time kernel
1064s
max time network
1073s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
02/02/2024, 15:54 UTC

Sharing

Report Analysis Logs

General

Target

SMS sender 2023/SMS sender 2023/BackupCertificate.zip
Size

4KB
MD5

9b0db7dadc6e34da2b0148a7ce8bfd6f
SHA1

7a54f368a5c036b629d43f5ff71e32f2b8e9d929
SHA256

ff20fb033264f35a874ae5345fa33914d339ba2c1de36a92db618283005c31ca
SHA512

cd82f67af88b2cf662644f30fa3a449c3658973a17138a4cd7fa923020680f656dc09a26ba3582682c8d8c2b11fbc3ccb8977c9595af1580b9e06deaa8707225
SSDEEP

96:G/qoI5cc8ZF+cECSKhnbD8FOegFaSrrTmkTIt3Vq:qqr507tECSKhnbIOeytdTj

Score

1^/10

Malware Config

Signatures

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\SMS sender 2023\SMS sender 2023\BackupCertificate.zip"
1⤵
PID:1516

Network

DNS

57.110.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.110.18.2.in-addr.arpa

IN PTR

Response

57.110.18.2.in-addr.arpa

IN PTR

a2-18-110-57deploystaticakamaitechnologiescom
DNS

81.171.91.138.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.171.91.138.in-addr.arpa

IN PTR

Response
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
DNS

84.65.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.65.42.20.in-addr.arpa

IN PTR

Response
DNS

176.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

176.178.17.96.in-addr.arpa

IN PTR

Response

176.178.17.96.in-addr.arpa

IN PTR

a96-17-178-176deploystaticakamaitechnologiescom
DNS

79.121.231.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.121.231.20.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

57.110.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

57.110.18.2.in-addr.arpa
8.8.8.8:53

81.171.91.138.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

81.171.91.138.in-addr.arpa
8.8.8.8:53

14.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

14.227.111.52.in-addr.arpa
8.8.8.8:53

84.65.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

84.65.42.20.in-addr.arpa
8.8.8.8:53

176.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

176.178.17.96.in-addr.arpa
8.8.8.8:53

79.121.231.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

79.121.231.20.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads