Analysis

  • max time kernel
    430s
  • max time network
    1150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241023-en
  • resource tags

    arch:x64, arch:x86, image:win11-20241023-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    19-12-2024 19:53

General

  • Target

    Vape/bin/Microsoft.Extensions.Http.dll

  • Size

    61KB

  • MD5

    c331531b3b837905ed89ab133ffde60d

  • SHA1

    ef86d3ee82cca360623df523feb0e2792ded63aa

  • SHA256

    c9432f43000e7ac8b3fb21f1125bbf39b2bb81022a71247bbe4b4e212a67b5a0

  • SHA512

    794568a802103c49dce8d6be50949032bfc1384ee2554bd5e2542eb1a373e0aef7e7fb16cbf91251348aa66dfc7bb41a6a0fef85ec9f5a3e67037cee1c461437

  • SSDEEP

    768:Efaryg7ezKxNboGPnFCPf+N57MNq/HfJnukPIXJ5hFV0n0UHLp0HP:1zemN8GPnFiGN54N4Jnukgj6HLpC

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Vape\bin\Microsoft.Extensions.Http.dll,#1
    1⤵
      PID:896

    Network

    • flag-us
      DNS
      19.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      19.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      106.246.116.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      106.246.116.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      106.246.116.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      106.246.116.51.in-addr.arpa
      IN PTR
    No results found
    • 8.8.8.8:53
      19.229.111.52.in-addr.arpa
      dns
      218 B
      317 B
      3
      2

      DNS Request

      19.229.111.52.in-addr.arpa

      DNS Request

      106.246.116.51.in-addr.arpa

      DNS Request

      106.246.116.51.in-addr.arpa

    MITRE ATT&CK Matrix
