02f19761cf165d7ec0b5904a5dcc3bc8082d42eb9eb59d97ae8b0c2f1b5c618e

Analysis

max time kernel
91s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/03/2024, 12:34 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

de05fbe2a51bda0ca1e235f38ca0af5f.exe
Size

60KB
MD5

de05fbe2a51bda0ca1e235f38ca0af5f
SHA1

8ad289d769653b726bbe315beac8b57486671237
SHA256

02f19761cf165d7ec0b5904a5dcc3bc8082d42eb9eb59d97ae8b0c2f1b5c618e
SHA512

57e02545dcf2d1c071a6fe445f0fe3ba0920affdf908a33b16c14810de811df4b7ea5e6011d15b59096f16b3dec4fb6fd3c0317e82f809cdc1adb1e4e80da0be
SSDEEP

1536:kAGTYocMwqi97Td3Drj5lRdn4C2AGiq8XEczKi8qGtr:uTjQq83DrhUi/zKi8/tr

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\de05fbe2a51bda0ca1e235f38ca0af5f.exe
"C:\Users\Admin\AppData\Local\Temp\de05fbe2a51bda0ca1e235f38ca0af5f.exe"
1⤵
PID:2480

Network

DNS

149.220.183.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

149.220.183.52.in-addr.arpa

IN PTR

Response
DNS

www.microsoft.com

de05fbe2a51bda0ca1e235f38ca0af5f.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

92.123.241.137
GET

http://www.microsoft.com/

de05fbe2a51bda0ca1e235f38ca0af5f.exe

Remote address:

92.123.241.137:80

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (Compatible; MSIE 6.0;)
Host: www.microsoft.com
Connection: Keep-Alive
Cookie: _EDGE_V=1

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: text/html
ETag: "6082151bd56ea922e1357f5896a90d0a:1425454794"
Last-Modified: Wed, 04 Mar 2015 07:39:54 GMT
Server: AkamaiNetStorage
Content-Length: 1020
Date: Mon, 25 Mar 2024 12:34:45 GMT
Connection: keep-alive
DNS

update.konamidata.com

de05fbe2a51bda0ca1e235f38ca0af5f.exe

Remote address:

8.8.8.8:53

Request

update.konamidata.com

IN A

Response
DNS

update.konamidata.com

de05fbe2a51bda0ca1e235f38ca0af5f.exe

Remote address:

8.8.8.8:53

Request

update.konamidata.com

IN A
DNS

189.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.178.17.96.in-addr.arpa

IN PTR

Response

189.178.17.96.in-addr.arpa

IN PTR

a96-17-178-189deploystaticakamaitechnologiescom
DNS

189.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.178.17.96.in-addr.arpa

IN PTR
DNS

137.241.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.241.123.92.in-addr.arpa

IN PTR

Response

137.241.123.92.in-addr.arpa

IN PTR

a92-123-241-137deploystaticakamaitechnologiescom
DNS

137.241.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.241.123.92.in-addr.arpa

IN PTR
DNS

74.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.32.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

217.135.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.135.221.88.in-addr.arpa

IN PTR

Response

217.135.221.88.in-addr.arpa

IN PTR

a88-221-135-217deploystaticakamaitechnologiescom
DNS

217.135.221.88.in-addr.arpa

Remote address:

8.8.8.8:53

Request

217.135.221.88.in-addr.arpa

IN PTR
DNS

192.230.140.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

192.230.140.95.in-addr.arpa

IN PTR

Response

192.230.140.95.in-addr.arpa

IN PTR

https-95-140-230-192mxpllnwnet
DNS

58.55.71.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.55.71.13.in-addr.arpa

IN PTR

Response

92.123.241.137:80

http://www.microsoft.com/

http

de05fbe2a51bda0ca1e235f38ca0af5f.exe

469 B
4.1kB
7
5

HTTP Request

GET http://www.microsoft.com/

HTTP Response

200
52.142.223.178:80

46 B
1

8.8.8.8:53

149.220.183.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

149.220.183.52.in-addr.arpa
8.8.8.8:53

www.microsoft.com

dns

de05fbe2a51bda0ca1e235f38ca0af5f.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

92.123.241.137
8.8.8.8:53

update.konamidata.com

dns

de05fbe2a51bda0ca1e235f38ca0af5f.exe

134 B
140 B
2
1

DNS Request

update.konamidata.com

DNS Request

update.konamidata.com
8.8.8.8:53

189.178.17.96.in-addr.arpa

dns

144 B
137 B
2
1

DNS Request

189.178.17.96.in-addr.arpa

DNS Request

189.178.17.96.in-addr.arpa
8.8.8.8:53

137.241.123.92.in-addr.arpa

dns

146 B
139 B
2
1

DNS Request

137.241.123.92.in-addr.arpa

DNS Request

137.241.123.92.in-addr.arpa
8.8.8.8:53

74.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

74.32.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

217.135.221.88.in-addr.arpa

dns

146 B
139 B
2
1

DNS Request

217.135.221.88.in-addr.arpa

DNS Request

217.135.221.88.in-addr.arpa
8.8.8.8:53

192.230.140.95.in-addr.arpa

dns

73 B
120 B
1
1

DNS Request

192.230.140.95.in-addr.arpa
8.8.8.8:53

58.55.71.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

58.55.71.13.in-addr.arpa

Windows 7 deprecation

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.