Overview

overview

6

Static

static

3

Bolt AIO C...G].exe

windows7-x64

6

Bolt AIO C...G].exe

windows10-2004-x64

6

Bolt AIO C...52.dll

windows7-x64

1

Bolt AIO C...52.dll

windows10-2004-x64

1

Bolt AIO C...ds.dll

windows7-x64

1

Bolt AIO C...ds.dll

windows10-2004-x64

1

Bolt AIO C...re.dll

windows7-x64

1

Bolt AIO C...re.dll

windows10-2004-x64

1

Bolt AIO C...st.dll

windows7-x64

1

Bolt AIO C...st.dll

windows10-2004-x64

1

Bolt AIO C...et.dll

windows7-x64

1

Bolt AIO C...et.dll

windows10-2004-x64

1

Bolt AIO C...ok.dll

windows7-x64

1

Bolt AIO C...ok.dll

windows10-2004-x64

1

Bolt AIO C...PC.dll

windows7-x64

1

Bolt AIO C...PC.dll

windows10-2004-x64

1

Bolt AIO C...PC.dll

windows7-x64

1

Bolt AIO C...PC.dll

windows10-2004-x64

1

Bolt AIO C...UI.dll

windows7-x64

1

Bolt AIO C...UI.dll

windows10-2004-x64

1

Bolt AIO C...UI.dll

windows7-x64

1

Bolt AIO C...UI.dll

windows10-2004-x64

1

Bolt AIO C...et.dll

windows7-x64

1

Bolt AIO C...et.dll

windows10-2004-x64

1

Bolt AIO C...es.dll

windows7-x64

1

Bolt AIO C...es.dll

windows10-2004-x64

1

Bolt AIO C...on.dll

windows7-x64

1

Bolt AIO C...on.dll

windows10-2004-x64

1

Bolt AIO C...UI.dll

windows7-x64

1

Bolt AIO C...UI.dll

windows10-2004-x64

1

Bolt AIO C...ne.dll

windows7-x64

1

Bolt AIO C...ne.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/02/2024, 10:31 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bolt AIO CRACKED BY [TZCRACKING]/Discord.Net.Rest.dll

  • Size

    636KB

  • MD5

    7b8c018987190fabd15af4b665482b8d

  • SHA1

    dc8c42b5c163fc3f7b32c918f3a62dc2ad9a3afe

  • SHA256

    7bc3eee34f122be0270b5befb5f39fa63c26df63ba80f5c3b8c70b8696b68b36

  • SHA512

    5c012108e70793696e00d4072ea6b50f9b754b9462c29ac0cd784fdec23fd7588084d0192fe348f6e03f18468831b07d637fff2f422b5256fcb2ccac2a22f80d

  • SSDEEP

    6144:yrN7etql5yPXsNTR6qEbd77ax5wyYuOwpyAg4OUQ/F+XIeyChihxYAn9:Il5ylqx4uOP4OU/XH/hihxJ

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Bolt AIO CRACKED BY [TZCRACKING]\Discord.Net.Rest.dll",#1
    1⤵
      PID:1284

    Network

    • flag-us
      DNS
      68.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      68.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      241.154.82.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      241.154.82.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      190.178.17.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      190.178.17.96.in-addr.arpa
      IN PTR
      Response
      190.178.17.96.in-addr.arpa
      IN PTR
      a96-17-178-190deploystaticakamaitechnologiescom
    • flag-us
      DNS
      41.110.16.96.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      41.110.16.96.in-addr.arpa
      IN PTR
      Response
      41.110.16.96.in-addr.arpa
      IN PTR
      a96-16-110-41deploystaticakamaitechnologiescom
    • flag-us
      DNS
      43.58.199.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.58.199.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      86.23.85.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      86.23.85.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      56.126.166.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      56.126.166.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      0.205.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.205.248.87.in-addr.arpa
      IN PTR
      Response
      0.205.248.87.in-addr.arpa
      IN PTR
      https-87-248-205-0lgwllnwnet
    • flag-us
      DNS
      31.243.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      31.243.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      11.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      11.173.189.20.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      68.32.126.40.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      68.32.126.40.in-addr.arpa

    • 8.8.8.8:53
      241.154.82.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      241.154.82.20.in-addr.arpa

    • 8.8.8.8:53
      190.178.17.96.in-addr.arpa
      dns
      72 B
       137 B
       1
      1

      DNS Request

      190.178.17.96.in-addr.arpa

    • 8.8.8.8:53
      41.110.16.96.in-addr.arpa
      dns
      71 B
       135 B
       1
      1

      DNS Request

      41.110.16.96.in-addr.arpa

    • 8.8.8.8:53
      43.58.199.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      43.58.199.20.in-addr.arpa

    • 8.8.8.8:53
      86.23.85.13.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      86.23.85.13.in-addr.arpa

    • 8.8.8.8:53
      56.126.166.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      56.126.166.20.in-addr.arpa

    • 8.8.8.8:53
      0.205.248.87.in-addr.arpa
      dns
      71 B
       116 B
       1
      1

      DNS Request

      0.205.248.87.in-addr.arpa

    • 8.8.8.8:53
      31.243.111.52.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      31.243.111.52.in-addr.arpa

    • 8.8.8.8:53
      11.173.189.20.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      11.173.189.20.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.