14a3cd816f1708a263ca200cc9503baae176ec17c32306cc8c67b35a1774c5e9 | Triage

Analysis

max time kernel
92s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
06/07/2024, 01:04 UTC

Sharing

Report Analysis Logs

General

Target

Free_CHM_Decompiler/Free_CHM_Decompiler.exe
Size

163KB
MD5

c438e6042266e16c985e44a669fbe8b9
SHA1

75ec4eb7c19c1395f3bb7ecc461c4597b407325e
SHA256

d3385f85746bcd2957aa242b910abcc56b7ae4785e5b14f133f305e8a474f993
SHA512

04085b5c9dc0553a8b7818fefa6556d9a96d65cb001351b72648642e593ae91af9bf7b214b29263ab107b0074941ac35c50152b0857796467dc6d774ecd05539
SSDEEP

3072:3tKa/r0ymdz7MUPHRAnc+9aMs8aAqMZB9asH+5IyOfgB0/N8NSkyOsWFUdT4:dKaQ50UPH6c+9QtAqhse5b/NJyOTFOM

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\Free_CHM_Decompiler\Free_CHM_Decompiler.exe
"C:\Users\Admin\AppData\Local\Temp\Free_CHM_Decompiler\Free_CHM_Decompiler.exe"
1⤵
PID:1048

Network

DNS

14.160.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.160.190.20.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

147.142.123.92.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.142.123.92.in-addr.arpa

IN PTR

Response

147.142.123.92.in-addr.arpa

IN PTR

a92-123-142-147deploystaticakamaitechnologiescom
DNS

73.144.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.144.22.2.in-addr.arpa

IN PTR

Response

73.144.22.2.in-addr.arpa

IN PTR

a2-22-144-73deploystaticakamaitechnologiescom
DNS

81.144.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

81.144.22.2.in-addr.arpa

IN PTR

Response

81.144.22.2.in-addr.arpa

IN PTR

a2-22-144-81deploystaticakamaitechnologiescom

No results found

8.8.8.8:53

14.160.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

14.160.190.20.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
8.8.8.8:53

147.142.123.92.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

147.142.123.92.in-addr.arpa
8.8.8.8:53

73.144.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

73.144.22.2.in-addr.arpa
8.8.8.8:53

81.144.22.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

81.144.22.2.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1048-0-0x0000000000400000-0x00000000004A7000-memory.dmp

Filesize
668KB

Download
memory/1048-1-0x0000000002240000-0x0000000002241000-memory.dmp

Filesize
4KB

Download
memory/1048-2-0x0000000000400000-0x00000000004A7000-memory.dmp

Filesize
668KB

Download
memory/1048-3-0x0000000002240000-0x0000000002241000-memory.dmp

Filesize
4KB

Download