Resubmissions

29-04-2024 17:56

240429-wjgllsgg29 10

17-04-2024 14:59

240417-sc15wsef8y 10

16-04-2024 14:20

240416-rnxq6sdg3t 10

Analysis

  • max time kernel
    290s
  • max time network
    1823s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-de
  • resource tags

    arch:x64 arch:x86 image:win10-20240404-de locale:de-de os:windows10-1703-x64 system windows
  • submitted
    16-04-2024 14:20

General

  • Target

    The-MALWARE-Repo-master/Botnets/FritzFrog/001eb377f0452060012124cb214f658754c7488ccb82e23ec56b2f45a636c859

  • Size

    8.7MB

  • MD5

    799c965e0a5a132ec2263d5fea0b0e1c

  • SHA1

    a15c5a706122fabdef1989c893c72c6530fedcb4

  • SHA256

    001eb377f0452060012124cb214f658754c7488ccb82e23ec56b2f45a636c859

  • SHA512

    6c481a855ee6f81dd388c8a4623e519bfbb9f496dada93672360f0a7476fb2b32fd261324156fd4729cef3cbe13f0a8b5862fe47b6db1860d0d67a77283b5ad8

  • SSDEEP

    98304:VqGMOLT5E2Dy8Ji6LrDl3bTMsEplZ1GW5w+Aw:wGMOLTmaHjLXl3bTMsEpf1x5

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\The-MALWARE-Repo-master\Botnets\FritzFrog\001eb377f0452060012124cb214f658754c7488ccb82e23ec56b2f45a636c859
    1⤵
      PID:4100

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dns.google
    • flag-us
      DNS
      0.0.0.0.0.0.0.0.0.0.0.0.d.1.0.5.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.0.0.0.0.0.0.0.0.0.0.0.d.1.0.5.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      IN PTR
      Response
    • flag-us
      DNS
      15.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      15.173.189.20.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
      90 B
      1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      0.0.0.0.0.0.0.0.0.0.0.0.d.1.0.5.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa
      dns
      118 B
      182 B
      1
      1

      DNS Request

      0.0.0.0.0.0.0.0.0.0.0.0.d.1.0.5.0.0.0.0.0.0.0.0.8.0.8.0.8.0.8.0.ip6.arpa

    • 8.8.8.8:53
      15.173.189.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      15.173.189.20.in-addr.arpa

    MITRE ATT&CK Matrix
