Malware Analysis Report

2025-01-19 04:42

Sample ID 240807-xec83asbpj
Target https://oglesby.superokay.com/share/-T51hJpPa7GXuRk94jV0L
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file https://oglesby.superokay.com/share/-T51hJpPa7GXuRk94jV0L was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-08-07 18:45

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-07 18:45

Reported

2024-08-07 18:48

Platform

win10v2004-20240802-en

Max time kernel

148s

Max time network

145s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://oglesby.superokay.com/share/-T51hJpPa7GXuRk94jV0L

Signatures

N/A

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://oglesby.superokay.com/share/-T51hJpPa7GXuRk94jV0L

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4152,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=4708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4120,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=1288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5400,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5444 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5380,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5464 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5940,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5928 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=5572,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5464 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=5680,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=6296 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6476,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=6420 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --field-trial-handle=6100,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=5876,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=6332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --field-trial-handle=4908,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=6460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=6272,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5664 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\127.0.2651.86\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=6272,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5664 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --field-trial-handle=6456,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=6684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --field-trial-handle=6928,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=5880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --field-trial-handle=4964,i,6510295916244954942,10164894160290787457,262144 --variations-seed-version --mojo-platform-channel-handle=6064 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 oglesby.superokay.com udp
US 8.8.8.8:53 oglesby.superokay.com udp
US 8.8.8.8:53 oglesby.superokay.com udp
US 35.171.11.41:443 oglesby.superokay.com tcp
US 35.171.11.41:443 oglesby.superokay.com tcp
US 8.8.8.8:53 business.bing.com udp
US 8.8.8.8:53 business.bing.com udp
US 13.107.6.158:443 business.bing.com tcp
US 8.8.8.8:53 bzib.nelreports.net udp
US 8.8.8.8:53 bzib.nelreports.net udp
US 35.171.11.41:443 oglesby.superokay.com tcp
GB 2.18.190.74:443 bzib.nelreports.net tcp
US 8.8.8.8:53 41.11.171.35.in-addr.arpa udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 2.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 74.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
GB 13.87.96.169:443 nav-edge.smartscreen.microsoft.com tcp
US 8.8.8.8:53 use.fontawesome.com udp
US 8.8.8.8:53 use.fontawesome.com udp
US 104.21.27.152:443 use.fontawesome.com udp
US 104.21.27.152:443 use.fontawesome.com tcp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 169.96.87.13.in-addr.arpa udp
US 8.8.8.8:53 79.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 152.27.21.104.in-addr.arpa udp
US 8.8.8.8:53 42.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 3.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 35.171.11.41:443 oglesby.superokay.com tcp
DE 2.19.96.82:443 www.bing.com udp
US 8.8.8.8:53 82.96.19.2.in-addr.arpa udp
DE 2.19.96.82:443 www.bing.com tcp
US 8.8.8.8:53 lh3.googleusercontent.com udp
US 8.8.8.8:53 lh3.googleusercontent.com udp
NL 142.251.36.1:443 lh3.googleusercontent.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 1.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 73.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 d280c681.a32d459cd06b27c992afd234.workers.dev udp
US 8.8.8.8:53 d280c681.a32d459cd06b27c992afd234.workers.dev udp
US 8.8.8.8:53 d280c681.a32d459cd06b27c992afd234.workers.dev udp
US 8.8.8.8:53 oglesby.superokay.com udp
US 104.21.10.98:443 d280c681.a32d459cd06b27c992afd234.workers.dev udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 challenges.cloudflare.com udp
US 8.8.8.8:53 d280c681.a32d459cd06b27c992afd234.workers.dev udp
US 104.18.94.41:443 challenges.cloudflare.com udp
US 8.8.8.8:53 98.10.21.104.in-addr.arpa udp
US 8.8.8.8:53 41.95.18.104.in-addr.arpa udp
US 8.8.8.8:53 41.94.18.104.in-addr.arpa udp
US 8.8.8.8:53 goldnegiant.com udp
US 8.8.8.8:53 goldnegiant.com udp
US 172.233.129.84:443 goldnegiant.com tcp
US 8.8.8.8:53 r11.i.lencr.org udp
US 8.8.8.8:53 r11.i.lencr.org udp
DE 2.19.96.57:80 r11.i.lencr.org tcp
US 8.8.8.8:53 vxfeslv11px.syrovaox.online udp
US 8.8.8.8:53 vxfeslv11px.syrovaox.online udp
US 8.8.8.8:53 vxfeslv11px.syrovaox.online udp
US 8.8.8.8:53 d280c681.a32d459cd06b27c992afd234.workers.dev udp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 8.8.8.8:53 57.96.19.2.in-addr.arpa udp
US 8.8.8.8:53 84.129.233.172.in-addr.arpa udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 nav-edge.smartscreen.microsoft.com udp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online udp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 8.8.8.8:53 aadcdn.msauth.net udp
US 8.8.8.8:53 aadcdn.msauth.net udp
US 8.8.8.8:53 aadcdn.msftauth.net udp
US 8.8.8.8:53 aadcdn.msftauth.net udp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 outlook.office365.com udp
US 8.8.8.8:53 outlook.office365.com udp
US 8.8.8.8:53 outlook.office365.com udp
US 8.8.8.8:53 vxfeslv11px.syrovaox.online udp
GB 52.97.241.162:443 outlook.office365.com tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 8.8.8.8:53 r4.res.office365.com udp
US 8.8.8.8:53 r4.res.office365.com udp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
GB 2.18.27.69:443 r4.res.office365.com tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 8.8.8.8:53 162.241.97.52.in-addr.arpa udp
US 8.8.8.8:53 69.27.18.2.in-addr.arpa udp
US 8.8.8.8:53 devtools.azureedge.net udp
US 8.8.8.8:53 devtools.azureedge.net udp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 8.8.8.8:53 devtools.azureedge.net udp
US 8.8.8.8:53 devtools.azureedge.net udp
US 8.8.8.8:53 devtools.azureedge.net udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 172.233.129.84:443 vxfeslv11px.syrovaox.online tcp
US 8.8.8.8:53 vxfeslv11px.syrovaox.online udp
US 8.8.8.8:53 vxfeslv11px.syrovaox.online udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 acctcdn.msauth.net udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 8.8.8.8:53 acctcdn.msftauth.net udp
US 152.199.21.175:443 acctcdn.msftauth.net tcp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 lgincdnvzeuno.azureedge.net udp
US 8.8.8.8:53 lgincdnvzeuno.azureedge.net udp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 8.8.8.8:53 logincdn.msftauth.net udp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
US 8.8.8.8:53 acctcdnvzeuno.azureedge.net udp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 acctcdnmsftuswe2.azureedge.net udp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 devtools.azureedge.net udp
US 8.8.8.8:53 ipv6.login.live.com udp
US 8.8.8.8:53 ipv6.login.live.com udp
US 8.8.8.8:53 ipv6.login.live.com udp
N/A 127.0.0.1:9229 tcp
US 8.8.8.8:53 ipv6.login.live.com udp
US 8.8.8.8:53 ipv6.login.live.com udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.42.73.25:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 25.73.42.20.in-addr.arpa udp
US 20.42.73.25:443 browser.events.data.microsoft.com tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
DE 2.19.96.11:443 www.bing.com tcp
US 8.8.8.8:53 11.96.19.2.in-addr.arpa udp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp
N/A 127.0.0.1:9229 tcp

Files

N/A