53cd6d57499142348253949c4c6cee9b696a78fa99a5a68fcd6f78e55776cd63 | Triage

Resubmissions

28/02/2024, 11:10 UTC

240228-m96traab8y 7

28/02/2024, 11:07 UTC

240228-m7zbwsab3z 7

28/02/2024, 11:06 UTC

240228-m7grvaaa72 7

Analysis

max time kernel
148s
max time network
161s
platform
windows11-21h2_x64
resource
win11-20240221-en
resource tags

arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
submitted
28/02/2024, 11:10 UTC

Sharing

Report Analysis Logs

General

Target

Julien and anarchi selfsniper C#/Microsoft.Bcl.AsyncInterfaces.dll
Size

20KB
MD5

1ee251645b8a54a116d6d06c83a2bd85
SHA1

5dbf1534ffbff016cc45559eb5eff3dc4252a522
SHA256

075ce79e84041137c78885b3738c1b5a03547d0ae2a79916e844196a9d0ec1db
SHA512

9f67fd0566eac2da4253d08697daab427e4e85780615d940f086a88424dcbb0563abae7e4824088e64ef7024c1bb3bbf324f2d07bc7ba55f79e4af3c9ea88e97
SSDEEP

384:69P2wZOXm7YJVHTe+0VJI0vrdaVemxO/f7vWeq/WIdHRN7bg30uw7lGsV9W+:u2zmYrHCV9cIL6TbtCSW

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\rundll32.exe
rundll32.exe "C:\Users\Admin\AppData\Local\Temp\Julien and anarchi selfsniper C#\Microsoft.Bcl.AsyncInterfaces.dll",#1
1⤵
PID:2832

Network

DNS

31.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

31.243.111.52.in-addr.arpa

IN PTR

Response
DNS

self.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

self.events.data.microsoft.com

IN A

Response

self.events.data.microsoft.com

IN CNAME

self-events-data.trafficmanager.net

self-events-data.trafficmanager.net

IN CNAME

onedscolprdeus17.eastus.cloudapp.azure.com

onedscolprdeus17.eastus.cloudapp.azure.com

IN A

20.42.65.91
DNS

ocsp.digicert.com

Remote address:

8.8.8.8:53

Request

ocsp.digicert.com

IN A

Response

ocsp.digicert.com

IN CNAME

ocsp.edge.digicert.com

ocsp.edge.digicert.com

IN CNAME

fp2e7a.wpc.2be4.phicdn.net

fp2e7a.wpc.2be4.phicdn.net

IN CNAME

fp2e7a.wpc.phicdn.net

fp2e7a.wpc.phicdn.net

IN A

192.229.221.95
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

31.243.111.52.in-addr.arpa

dns

284 B
664 B
4
4

DNS Request

31.243.111.52.in-addr.arpa

DNS Request

self.events.data.microsoft.com

DNS Response

20.42.65.91

DNS Request

ocsp.digicert.com

DNS Response

192.229.221.95

DNS Request

95.221.229.192.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads