99f82787fceb9fc942c370b2e16ccba58065bd9ac299f102c365298f174c77c4 | Triage

Analysis

max time kernel
147s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
23-02-2024 04:36

Sharing

Report Analysis Logs

General

Target

DnsTools.exe
Size

10.5MB
MD5

eb64ebf37a2e93d39c3f2e3cb4523d96
SHA1

0a86006b3005bf02624ce1d226748aba089456ee
SHA256

cabb4e6e292a51ec5ef327e0e0b55c3f09d5a2186e8522026ba4d2ed54eba1a9
SHA512

ee1fa936ceca80f6e7fbbb3da6b5dd406e344be07ab6039e24e054516f495636823b261d589ab0c98742f7660637838acfcaf346c7e626d750882934c0f07a77
SSDEEP

98304:BP2u2Djy4Nfztocg5pQrtGz+u+cIqleKf+z0HNq2Mpl2+avvwK+8+Ry6Iig9Ol86:IuNcYb1M876vZIA3

Score

1^/10

Malware Config

Signatures

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1120	DnsTools.exe

C:\Users\Admin\AppData\Local\Temp\DnsTools.exe
"C:\Users\Admin\AppData\Local\Temp\DnsTools.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:1120

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads