bede47698d2f67f085bac60fd170306935c182062e57aa717fa85f130375584e

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29/05/2024, 01:50 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bede47698d2f67f085bac60fd170306935c182062e57aa717fa85f130375584e.exe
Size

780KB
MD5

66a7a48f673ed1a801e37d0a3e7b1c7a
SHA1

9d67bc9f7e662c11ec2a5955175356211275ef46
SHA256

bede47698d2f67f085bac60fd170306935c182062e57aa717fa85f130375584e
SHA512

8529fde9707cec1fff01a689e8b1eb7ee4064a0b886412bd8b9b4d16999a00516236e2aad14dc15810a5875adea48fbe9f6a3d1d917fc625aea035f7f4961127
SSDEEP

12288:HJ5xP0E0apPSfXSyVeiE7/SN7ob+WLnqA86DCiSo4IFMdWLnqA86DCiSo4IF:Hrh7KHq7I7ebUG

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1856	1528	WerFault.exe	81

C:\Users\Admin\AppData\Local\Temp\bede47698d2f67f085bac60fd170306935c182062e57aa717fa85f130375584e.exe
"C:\Users\Admin\AppData\Local\Temp\bede47698d2f67f085bac60fd170306935c182062e57aa717fa85f130375584e.exe"
1⤵
PID:1528
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1528 -s 236
  2⤵
  - Program crash
  PID:1856

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1528 -ip 1528
1⤵
PID:1448

Network

DNS

241.150.49.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.150.49.20.in-addr.arpa

IN PTR

Response
DNS

96.136.73.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

96.136.73.23.in-addr.arpa

IN PTR

Response

96.136.73.23.in-addr.arpa

IN PTR

a23-73-136-96deploystaticakamaitechnologiescom
DNS

140.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

140.32.126.40.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

209.205.72.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.205.72.20.in-addr.arpa

IN PTR

Response
DNS

209.205.72.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

209.205.72.20.in-addr.arpa

IN PTR
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

25.140.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.140.123.92.in-addr.arpa

IN PTR

Response

25.140.123.92.in-addr.arpa

IN PTR

a92-123-140-25deploystaticakamaitechnologiescom

No results found

8.8.8.8:53

241.150.49.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.150.49.20.in-addr.arpa
8.8.8.8:53

96.136.73.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

96.136.73.23.in-addr.arpa
8.8.8.8:53

140.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

140.32.126.40.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

209.205.72.20.in-addr.arpa

dns

144 B
158 B
2
1

DNS Request

209.205.72.20.in-addr.arpa

DNS Request

209.205.72.20.in-addr.arpa
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

142 B
157 B
2
1

DNS Request

198.187.3.20.in-addr.arpa

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

25.140.123.92.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

25.140.123.92.in-addr.arpa
8.8.8.8:53

Windows 7 deprecation

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

Loading Replay Monitor...

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.