Overview

overview

4

Static

static

3

d(41).zip

windows7-x64

1

d(41).zip

windows10-2004-x64

1

d(41)/d_eu_(6).zip

windows7-x64

1

d(41)/d_eu_(6).zip

windows10-2004-x64

1

d_freebsd_arm

debian-12-armhf

1

d_freebsd_x32

ubuntu-18.04-amd64

1

d_freebsd_x64

ubuntu-18.04-amd64

1

d_lin_arm

debian-9-armhf

3

d_lin_x32

ubuntu-18.04-amd64

3

d_lin_x64

ubuntu-20.04-amd64

1

d_mac_arm64

macos-10.15-amd64

1

d_mac_x64

macos-10.15-amd64

1

d_win_arm64.exe

windows7-x64

d_win_arm64.exe

windows10-2004-x64

d_win_x32.exe

windows7-x64

1

d_win_x32.exe

windows10-2004-x64

1

d_win_x64.exe

windows7-x64

1

d_win_x64.exe

windows10-2004-x64

1

d(41)/d_ru_(6).zip

windows7-x64

1

d(41)/d_ru_(6).zip

windows10-2004-x64

1

d_freebsd_arm_ru

debian-12-armhf

1

d_freebsd_x32_ru

ubuntu-18.04-amd64

1

d_freebsd_x64_ru

ubuntu-18.04-amd64

1

d_lin_arm_ru

debian-9-armhf

3

d_lin_x32_ru

ubuntu-20.04-amd64

3

d_lin_x64_ru

ubuntu-20.04-amd64

1

d_mac_arm64_ru

macos-10.15-amd64

4

d_mac_x64_ru

macos-10.15-amd64

4

d_win_arm64_ru.exe

windows7-x64

d_win_arm64_ru.exe

windows10-2004-x64

d_win_x32_ru.exe

windows7-x64

1

d_win_x32_ru.exe

windows10-2004-x64

1

Resubmissions

14/06/2024, 14:23 UTC

240614-rqapesxhrn 3

17/04/2024, 09:42 UTC

240417-lpnl1abc26 4

Analysis

  • max time kernel
    14s
  • max time network
    136s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240226-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    17/04/2024, 09:42 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d_freebsd_x64_ru

  • Size

    17.5MB

  • MD5

    16486c7f424534d8e1e3f5dd5d1e0af0

  • SHA1

    19756d00655a57c3f59d93319145bc2a31ec8a01

  • SHA256

    196536079f99234ae169e0384bce341b4ab5b48ff959050c9a3a36c28d675186

  • SHA512

    c5575a8517d6e2e1cf54e6ba54cc537bf2ac3b3037a23f53cbc03830c8353c9a22eb47faddc4a527a6107eb7fcad133a392bf10b9142e1b7d84d93324f0a4e5b

  • SSDEEP

    196608:CF+lJJ6xBpfbL11gkoRxVWPpwLSoGnT0FLNa:Cmb6fpf31URxVKpkStnT0FQ

Score
1/10

Malware Config

Signatures

Processes

  • /tmp/d_freebsd_x64_ru
    /tmp/d_freebsd_x64_ru
    1⤵
      PID:1563

    Network

    • flag-us
      DNS
      cdn.fwupd.org
      Remote address:
      1.1.1.1:53
      Request
      cdn.fwupd.org
      IN A
      Response
      cdn.fwupd.org
      IN CNAME
      dualstack.p2.shared.global.fastly.net
      dualstack.p2.shared.global.fastly.net
      IN A
      151.101.2.49
      dualstack.p2.shared.global.fastly.net
      IN A
      151.101.66.49
      dualstack.p2.shared.global.fastly.net
      IN A
      151.101.130.49
      dualstack.p2.shared.global.fastly.net
      IN A
      151.101.194.49
    • flag-us
      DNS
      cdn.fwupd.org
      Remote address:
      1.1.1.1:53
      Request
      cdn.fwupd.org
      IN AAAA
      Response
      cdn.fwupd.org
      IN CNAME
      dualstack.p2.shared.global.fastly.net
      dualstack.p2.shared.global.fastly.net
      IN AAAA
      2a04:4e42::561
      dualstack.p2.shared.global.fastly.net
      IN AAAA
      2a04:4e42:200::561
      dualstack.p2.shared.global.fastly.net
      IN AAAA
      2a04:4e42:400::561
      dualstack.p2.shared.global.fastly.net
      IN AAAA
      2a04:4e42:600::561
    • flag-us
      DNS
      1527653184.rsc.cdn77.org
      Remote address:
      1.1.1.1:53
      Request
      1527653184.rsc.cdn77.org
      IN A
      Response
      1527653184.rsc.cdn77.org
      IN A
      195.181.164.16
      1527653184.rsc.cdn77.org
      IN A
      89.187.167.5
    • flag-us
      DNS
      1527653184.rsc.cdn77.org
      Remote address:
      1.1.1.1:53
      Request
      1527653184.rsc.cdn77.org
      IN AAAA
      Response
      1527653184.rsc.cdn77.org
      IN AAAA
      2a02:6ea0:ca00::3
      1527653184.rsc.cdn77.org
      IN AAAA
      2a02:6ea0:ca00::4
    • 151.101.194.49:443
      tls
      127 B
       40 B
       2
      1
    • 151.101.129.91:443
      tls
      127 B
       40 B
       2
      1
    • 89.187.167.4:443
      tls
      851 B
       11
    • 185.125.188.61:443
      tls
      135 B
       2
    • 185.125.188.62:443
      tls
      135 B
       2
    • 151.101.194.49:443
      cdn.fwupd.org
      tls
      12.7kB
       967.5kB
       226
      710
    • 151.101.129.91:443
      extensions.gnome.org
      tls
      5.0kB
       224.5kB
       86
      179
    • 195.181.164.16:443
      odrs.gnome.org
      tls
      24.1kB
       1.7MB
       385
      1204
    • 224.0.0.251:5353
      146 B
       2
    • 1.1.1.1:53
      cdn.fwupd.org
      dns
      70 B
       185 B
       1
      1

      DNS Request

      cdn.fwupd.org

      DNS Response

      151.101.2.49
      151.101.66.49
      151.101.130.49
      151.101.194.49

    • 1.1.1.1:53
      cdn.fwupd.org
      dns
      70 B
       233 B
       1
      1

      DNS Request

      cdn.fwupd.org

      DNS Response

      2a04:4e42::561
      2a04:4e42:200::561
      2a04:4e42:400::561
      2a04:4e42:600::561

    • 1.1.1.1:53
      1527653184.rsc.cdn77.org
      dns
      81 B
       113 B
       1
      1

      DNS Request

      1527653184.rsc.cdn77.org

      DNS Response

      195.181.164.16
      89.187.167.5

    • 1.1.1.1:53
      1527653184.rsc.cdn77.org
      dns
      81 B
       137 B
       1
      1

      DNS Request

      1527653184.rsc.cdn77.org

      DNS Response

      2a02:6ea0:ca00::3
      2a02:6ea0:ca00::4

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.