76510f03ba0a2db3be93247beedadbbd62a409e4538075285544e0fdcefd3225

Analysis

max time kernel
134s
max time network
152s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
28/02/2024, 23:47 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MyDockFinder.v2024.02.22/MyDockFinder.v2024.02.22/dll/x64/mfc140u.dll
Size

5.4MB
MD5

b55a49d3c191468644fa71dfc5624293
SHA1

28d5b9925b37be6e0f4f2c4c6e759b205945f6ef
SHA256

432413ea40acaaf74acd0a977ea7cc8dbabbbdb669dc74d7a28ef21605bfba31
SHA512

ab41dde6ce0621692c39904be5359d79ede531529dd50f0c1bbef6a610f8a3f0d438b270be1ea8d618ff4616f955bb5ef343e9ed6bf5510a2ebaf01193607d64
SSDEEP

98304:Jn/MrJ4NLMuCnDKFLOAkGkzdnEVomFHKnP9:BM1mMuC+FLOyomFHKnP9

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\MyDockFinder.v2024.02.22\MyDockFinder.v2024.02.22\dll\x64\mfc140u.dll,#1
1⤵
PID:3824

Network

DNS

71.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.159.190.20.in-addr.arpa

IN PTR

Response
DNS

55.36.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

55.36.223.20.in-addr.arpa

IN PTR

Response
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

194.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.178.17.96.in-addr.arpa

IN PTR

Response

194.178.17.96.in-addr.arpa

IN PTR

a96-17-178-194deploystaticakamaitechnologiescom
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

19.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.229.111.52.in-addr.arpa

IN PTR

Response
DNS

180.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

180.178.17.96.in-addr.arpa

IN PTR

Response

180.178.17.96.in-addr.arpa

IN PTR

a96-17-178-180deploystaticakamaitechnologiescom
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

ctldl.windowsupdate.com

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

wu-bg-shim.trafficmanager.net

wu-bg-shim.trafficmanager.net

IN CNAME

download.windowsupdate.com.edgesuite.net

download.windowsupdate.com.edgesuite.net

IN CNAME

a767.dspw65.akamai.net

a767.dspw65.akamai.net

IN A

96.17.178.194

a767.dspw65.akamai.net

IN A

96.17.178.180
DNS

ris.api.iris.microsoft.com

Remote address:

8.8.8.8:53

Request

ris.api.iris.microsoft.com

IN A

Response

ris.api.iris.microsoft.com

IN CNAME

ris-prod.trafficmanager.net

ris-prod.trafficmanager.net

IN CNAME

asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com

asf-ris-prod-neu-azsc.northeurope.cloudapp.azure.com

IN A

20.234.120.54
DNS

nexusrules.officeapps.live.com

Remote address:

8.8.8.8:53

Request

nexusrules.officeapps.live.com

IN A

Response

nexusrules.officeapps.live.com

IN CNAME

prod.nexusrules.live.com.akadns.net

prod.nexusrules.live.com.akadns.net

IN A

52.111.229.19

204.79.197.200:443

tse1.mm.bing.net

tls

1.6kB
8.5kB
18
16
204.79.197.200:443

tse1.mm.bing.net

tls

1.6kB
8.5kB
18
16
204.79.197.200:443

tse1.mm.bing.net

tls

84.7kB
2.4MB
1766
1764
204.79.197.200:443

tse1.mm.bing.net

tls

1.6kB
8.5kB
18
16
204.79.197.200:443

tse1.mm.bing.net

tls

1.6kB
8.5kB
18
16

8.8.8.8:53

71.159.190.20.in-addr.arpa

dns

430 B
925 B
6
6

DNS Request

71.159.190.20.in-addr.arpa

DNS Request

55.36.223.20.in-addr.arpa

DNS Request

26.35.223.20.in-addr.arpa

DNS Request

194.178.17.96.in-addr.arpa

DNS Request

88.156.103.20.in-addr.arpa

DNS Request

19.229.111.52.in-addr.arpa
8.8.8.8:53

180.178.17.96.in-addr.arpa

dns

424 B
1.0kB
6
6

DNS Request

180.178.17.96.in-addr.arpa

DNS Request

95.221.229.192.in-addr.arpa

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200

DNS Request

ctldl.windowsupdate.com

DNS Response

96.17.178.194

96.17.178.180

DNS Request

ris.api.iris.microsoft.com

DNS Response

20.234.120.54

DNS Request

nexusrules.officeapps.live.com

DNS Response

52.111.229.19

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.