Analysis

  • max time kernel
    94s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-12-2024 15:03

General

  • Target

    95ac3fcd57f5258eb09e75fa3fbf2ab4cf91b4eb5bfa2e01e1216aafb9405e78.exe

  • Size

    1.5MB

  • MD5

    286f02e8f3fd6e4101df9a14bf5e7c22

  • SHA1

    871bb5b42888cb76f168b406efaf87f4c80c1e0b

  • SHA256

    95ac3fcd57f5258eb09e75fa3fbf2ab4cf91b4eb5bfa2e01e1216aafb9405e78

  • SHA512

    e6bb310ba1d229d362240b291679c9bf34dc150fd810e9e89d2789de5add8e0cc5dfe5021ae08c06bce62255b74001d2e3719152d15ccfbf4b71b595000b384b

  • SSDEEP

    24576:Yxf+JK9gNu0HyC6nf3vyU584JfVE7O2Ym5cYfMJUO2C/+X:jJK+NuSJ6nf3vb5HJfVE7O7m5cYMJnpk

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\95ac3fcd57f5258eb09e75fa3fbf2ab4cf91b4eb5bfa2e01e1216aafb9405e78.exe
    "C:\Users\Admin\AppData\Local\Temp\95ac3fcd57f5258eb09e75fa3fbf2ab4cf91b4eb5bfa2e01e1216aafb9405e78.exe"
    1⤵
      PID:2420

    Network

    • flag-us
      DNS
      154.239.44.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      154.239.44.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      88.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.210.23.2.in-addr.arpa
      IN PTR
      Response
      88.210.23.2.in-addr.arpa
      IN PTR
      a2-23-210-88deploystaticakamaitechnologiescom
    • flag-us
      DNS
      75.159.190.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      75.159.190.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      196.249.167.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      196.249.167.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      197.87.175.4.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      197.87.175.4.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      241.42.69.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      241.42.69.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      83.210.23.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      83.210.23.2.in-addr.arpa
      IN PTR
      Response
      83.210.23.2.in-addr.arpa
      IN PTR
      a2-23-210-83deploystaticakamaitechnologiescom
    • flag-us
      DNS
      43.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.229.111.52.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      154.239.44.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      154.239.44.20.in-addr.arpa

    • 8.8.8.8:53
      88.210.23.2.in-addr.arpa
      dns
      70 B
      133 B
      1
      1

      DNS Request

      88.210.23.2.in-addr.arpa

    • 8.8.8.8:53
      75.159.190.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      75.159.190.20.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
      144 B
      1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      196.249.167.52.in-addr.arpa
      dns
      73 B
      147 B
      1
      1

      DNS Request

      196.249.167.52.in-addr.arpa

    • 8.8.8.8:53
      197.87.175.4.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      197.87.175.4.in-addr.arpa

    • 8.8.8.8:53
      241.42.69.40.in-addr.arpa
      dns
      71 B
      145 B
      1
      1

      DNS Request

      241.42.69.40.in-addr.arpa

    • 8.8.8.8:53
      83.210.23.2.in-addr.arpa
      dns
      70 B
      133 B
      1
      1

      DNS Request

      83.210.23.2.in-addr.arpa

    • 8.8.8.8:53
      43.229.111.52.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      43.229.111.52.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2420-0-0x0000000000400000-0x0000000000579000-memory.dmp

      Filesize

      1.5MB

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.