8af7c3f82ad26852a76b872771b62edb87eaf52d3f38332daa06f577a2122850 | Triage

Analysis

max time kernel
140s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
13/02/2024, 03:14 UTC

Sharing

Report Analysis Logs

General

Target

8af7c3f82ad26852a76b872771b62edb87eaf52d3f38332daa06f577a2122850.exe
Size

202KB
MD5

09badb8acf8fe1c8d35791aa2593c118
SHA1

9c22f98c4d578b3f593b160362b10beb1a1ca901
SHA256

8af7c3f82ad26852a76b872771b62edb87eaf52d3f38332daa06f577a2122850
SHA512

9ace0b41912cc8b848fc619157423eb7ff118121202357c0831dbd7513a372e1c71ccb1ff8751ecb55709ed45fcec1c54583924d2555467c99823f2cbeffe955
SSDEEP

1536:d4Nn++cDme06rAzdtxF0dhkDgpqPh8Wiim5oQ:d4cmh/0bIgGh+oQ

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\8af7c3f82ad26852a76b872771b62edb87eaf52d3f38332daa06f577a2122850.exe
"C:\Users\Admin\AppData\Local\Temp\8af7c3f82ad26852a76b872771b62edb87eaf52d3f38332daa06f577a2122850.exe"
1⤵
PID:4692

Network

DNS

28.118.140.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.118.140.52.in-addr.arpa

IN PTR

Response
DNS

178.223.142.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

178.223.142.52.in-addr.arpa

IN PTR

Response
DNS

23.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.159.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

228.249.119.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

228.249.119.40.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

18.134.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.134.221.88.in-addr.arpa

IN PTR

Response

18.134.221.88.in-addr.arpa

IN PTR

a88-221-134-18deploystaticakamaitechnologiescom
DNS

19.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.229.111.52.in-addr.arpa

IN PTR

Response
DNS

209.80.50.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.80.50.20.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

28.118.140.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

28.118.140.52.in-addr.arpa
8.8.8.8:53

178.223.142.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

178.223.142.52.in-addr.arpa
8.8.8.8:53

23.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

23.159.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

228.249.119.40.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

228.249.119.40.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

18.134.221.88.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

18.134.221.88.in-addr.arpa
8.8.8.8:53

19.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

19.229.111.52.in-addr.arpa
8.8.8.8:53

209.80.50.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

209.80.50.20.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4692-0-0x0000000074660000-0x0000000074E10000-memory.dmp

Filesize
7.7MB

Download
memory/4692-1-0x0000000000480000-0x00000000004B8000-memory.dmp

Filesize
224KB

Download
memory/4692-2-0x0000000005470000-0x0000000005A14000-memory.dmp

Filesize
5.6MB

Download
memory/4692-3-0x0000000004F60000-0x0000000004FF2000-memory.dmp

Filesize
584KB

Download
memory/4692-4-0x00000000050C0000-0x00000000050D0000-memory.dmp

Filesize
64KB

Download
memory/4692-5-0x0000000004EC0000-0x0000000004ECA000-memory.dmp

Filesize
40KB

Download
memory/4692-6-0x00000000050C0000-0x00000000050D0000-memory.dmp

Filesize
64KB

Download
memory/4692-7-0x0000000074660000-0x0000000074E10000-memory.dmp

Filesize
7.7MB

Download
memory/4692-8-0x00000000050C0000-0x00000000050D0000-memory.dmp

Filesize
64KB

Download
memory/4692-9-0x00000000050C0000-0x00000000050D0000-memory.dmp

Filesize
64KB

Download