b29ef42de1c3466f80c4f46b198d2f744a5938dca50c073e171da9bef538a96f | Triage

Analysis

max time kernel
99s
max time network
144s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20250113-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250113-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
24/01/2025, 01:39 UTC

Sharing

Report Analysis Logs

General

Target

Night Mev/Nigt.dll.ini
Size

591B
MD5

384411d52a1194aea00cfeef4cfca1f4
SHA1

680ffbb4e09a883b85165eccef56a33245302a56
SHA256

aa40a5b32600368c8304d4b3c5f324842fefadb0bb7a73c9d60127710345ca4c
SHA512

d46cce8214d7da08c737e93ca5630c54d82b7a1a60b5c360a2f6ea006081c302afeb23c7a0694bea6cf68dcd25ec93d82b8cf673184274dad674bc42b3cb7b51

Score

1^/10

Malware Config

Signatures

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\Night Mev\Nigt.dll.ini"
1⤵
PID:5064

Network

DNS

97.17.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.17.167.52.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

2.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.159.190.20.in-addr.arpa

IN PTR

Response
DNS

203.109.54.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

203.109.54.23.in-addr.arpa

IN PTR

Response

203.109.54.23.in-addr.arpa

IN PTR

a23-54-109-203deploystaticakamaitechnologiescom
DNS

154.239.44.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

154.239.44.20.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

97.17.167.52.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

97.17.167.52.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

2.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.159.190.20.in-addr.arpa
8.8.8.8:53

203.109.54.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

203.109.54.23.in-addr.arpa
8.8.8.8:53

154.239.44.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

154.239.44.20.in-addr.arpa
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads