c4d74e49c44c880ec1b4cdede24423872f931e617b33d6bdba31e0534a12b809

Resubmissions

09/11/2024, 22:49 UTC

241109-2r2veatfrl 10

09/11/2024, 22:47 UTC

241109-2qkjqssrdz 10

09/11/2024, 22:46 UTC

241109-2p2fvstfqj 10

09/11/2024, 22:44 UTC

241109-2nsgkasrbt 10

07/11/2024, 16:00 UTC

241107-tfl1taxpgl 10

10/02/2024, 17:17 UTC

240210-vtnl8sge36 10

Analysis

max time kernel
94s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
09/11/2024, 22:49 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ggpermV3/amifldrv64.sys
Size

18KB
MD5

785045f8b25cd2e937ddc6b09debe01a
SHA1

029c678674f482ababe8bbfdb93152392457109d
SHA256

37073e42ffa0322500f90cd7e3c8d02c4cdd695d31c77e81560abec20bfb68ba
SHA512

40bbeb41816146c7172aa3cf27dace538908b7955171968e1cddcd84403b2588e0d8437a3596c2714ccdf4476eefa3d4e61d90ea118982b729f50b03df1104a9
SSDEEP

384:Cf8OVN6UDYm+b10HMHd6xhxuGZBBfSZsHLPK6jz/cf:CffV8KApCMMxDuIPKgwf

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\ggpermV3\amifldrv64.sys
1⤵
PID:2364
- C:\Users\Admin\AppData\Local\Temp\ggpermV3\amifldrv64.sys
  C:\Users\Admin\AppData\Local\Temp\ggpermV3\amifldrv64.sys
  2⤵
  PID:384

Network

DNS

8.8.8.8.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.8.8.8.in-addr.arpa

IN PTR

Response

8.8.8.8.in-addr.arpa

IN PTR

dnsgoogle
DNS

28.118.140.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.118.140.52.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

4.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.159.190.20.in-addr.arpa

IN PTR

Response
DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
DNS

212.20.149.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

212.20.149.52.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

98.208.201.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.208.201.84.in-addr.arpa

IN PTR

Response
DNS

98.208.201.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.208.201.84.in-addr.arpa

IN PTR
DNS

98.208.201.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.208.201.84.in-addr.arpa

IN PTR
DNS

98.208.201.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.208.201.84.in-addr.arpa

IN PTR
DNS

98.208.201.84.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.208.201.84.in-addr.arpa

IN PTR
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

8.8.8.8.in-addr.arpa

dns

66 B
90 B
1
1

DNS Request

8.8.8.8.in-addr.arpa
8.8.8.8:53

28.118.140.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

28.118.140.52.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

4.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

4.159.190.20.in-addr.arpa
8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

212.20.149.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

212.20.149.52.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

98.208.201.84.in-addr.arpa

dns

360 B
132 B
5
1

DNS Request

98.208.201.84.in-addr.arpa

DNS Request

98.208.201.84.in-addr.arpa

DNS Request

98.208.201.84.in-addr.arpa

DNS Request

98.208.201.84.in-addr.arpa

DNS Request

98.208.201.84.in-addr.arpa
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/384-0-0x0000000000010000-0x0000000000017000-memory.dmp

Filesize
28KB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.