9df41ebe1a2c61bbc382a85a7788e127e4dafada4955a1b6c3dfcaf460bd714f

Resubmissions

09/07/2024, 13:39 UTC

240709-qydwdayanf 7

09/07/2024, 07:52 UTC

240709-jqdr3swdle 6

09/07/2024, 06:42 UTC

240709-hgkzcs1bjl 5

09/07/2024, 06:34 UTC

240709-hb2d6azhjn 3

09/07/2024, 05:47 UTC

240709-ggxgqa1crh 4

Analysis

max time kernel
116s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
09/07/2024, 06:42 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

curl.exe
Size

649KB
MD5

50679935a55f0805dc12a9188065dfae
SHA1

81c324ddc98578136dbe7d2a8d388a2ef52a86f6
SHA256

2bbad800bc5058cad5631dbffd39fb8a293616479250c47b38dc8e8eb61dc3da
SHA512

08f5ceeca4499ebc945547c1ae5742111426df36ab37f4848db32de23e4fad0a9fddb1e4e2e4f00887aeec667854b06d85b92115f0aa309e8eecce5410735f0d
SSDEEP

12288:/b2htB0sBsEtU61hU8whEZu2rKzoAbfYXJRQIQFuYfnv6:/6ZhT18EZuUKzTYMIQFNnv6

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\curl.exe
"C:\Users\Admin\AppData\Local\Temp\curl.exe"
1⤵
PID:2560

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

240.221.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.221.184.93.in-addr.arpa

IN PTR

Response
DNS

45.19.74.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

45.19.74.20.in-addr.arpa

IN PTR

Response
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

50.242.123.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.242.123.52.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

240.221.184.93.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

240.221.184.93.in-addr.arpa
8.8.8.8:53

45.19.74.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

45.19.74.20.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

172.214.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

50.242.123.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

50.242.123.52.in-addr.arpa

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.