96bced42def7b8d8a6e836ea2d7d0aaae76ee5558c165a88cee70af8639be642 | Triage

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
21/02/2024, 18:11 UTC

Sharing

Report Analysis Logs

General

Target

infos/Managed/System.dll
Size

1.0MB
MD5

23726881ef51d4097769e2cbf29c826a
SHA1

a75c50eebd3da61d821b8e45fcd1d7919ec0ba0b
SHA256

b8517e9e87db7d45525e5ac82cb4f9dcd77aadb3a8c159d1b1ec0df3ff388dd6
SHA512

aa1a76bba1ff7047469a1b726e7d1d603c11e6e8a4bfe5469859564566994d781e5bb91357924249ba9ab8ff64a2ad058e78129296d1fe824d7b4cd9ba914786
SSDEEP

24576:gvKCuaUIERHhTCzPIH98RlreZgkNoJXfBKsClf6ott50VIZwrJG8MAFPGmSu:gyCPvBSZwrJG8MAFPGm

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\infos\Managed\System.dll,#1
1⤵
PID:2228

Network

DNS

4.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.159.190.20.in-addr.arpa

IN PTR

Response
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

177.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.178.17.96.in-addr.arpa

IN PTR

Response

177.178.17.96.in-addr.arpa

IN PTR

a96-17-178-177deploystaticakamaitechnologiescom
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

26.73.42.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.73.42.20.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

4.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

4.159.190.20.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
8.8.8.8:53

177.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

177.178.17.96.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

26.73.42.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

26.73.42.20.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads