Xcitium Cloud Verdict

File Name: virussign.com_5c9bbe8e5b749efba278eabd96c9cbe1.exe

File Type: PE32+ executable (GUI) x86-64, for MS Windows

SHA1: 3b48a7ed61ab4ca62ecd8591bfdec38c3cf0493d

MD5: 5c9bbe8e5b749efba278eabd96c9cbe1

Contacted IPs

Network Port Distribution

Name	IP	Country	ASN	ASN Name	Trigger Process Type
	8.8.4.4	United States	15169	Google LLC	Malware Process
	8.8.8.8	United States	15169	Google LLC	Malware Process
					Malware Process
www.aieov.com	173.255.194.134	United States	63949	Akamai Technologies, Inc.	Malware Process
przvgke.biz	172.234.222.138	United States	63949	Akamai Technologies, Inc.	Malware Process
ssbzmoy.biz	18.141.10.107	United States	16509	Amazon Technologies Inc.	Malware Process
npukfztj.biz	44.221.84.105	United States	14618	Amazon.com, Inc.	Malware Process
xlfhhhm.biz	47.129.31.212	Canada	16509	Amazon Technologies Inc.	Malware Process
knjghuig.biz	18.141.10.107	United States	16509	Amazon Technologies Inc.	Malware Process
					Malware Process
lrxdmhrr.biz	54.244.188.177	United States	16509	Amazon Technologies Inc.	Malware Process
deoci.biz	18.208.156.248	United States	14618	Amazon Technologies Inc.	Malware Process
ifsaia.biz	13.251.16.150	Singapore	16509	Amazon Technologies Inc.	Malware Process
gytujflc.biz	208.100.26.245	United States	32748	Steadfast	Malware Process
pywolwnvd.biz	54.244.188.177	United States	16509	Amazon Technologies Inc.	Malware Process
nqwjmb.biz	35.164.78.200	United States	16509	Amazon Technologies Inc.	Malware Process
myups.biz	165.160.13.20	United States	19574	Corporation Service Company	Malware Process
saytjshyf.biz	44.221.84.105	United States	14618	Amazon.com, Inc.	Malware Process
dwrqljrr.biz	54.244.188.177	United States	16509	Amazon Technologies Inc.	Malware Process
lpuegx.biz	82.112.184.197	Russian Federation	43267	"Vysokie tehnologii" LLC, our trademark is "First Line"	Malware Process
bumxkqgxu.biz	44.221.84.105	United States	14618	Amazon.com, Inc.	Malware Process
cvgrf.biz	54.244.188.177	United States	16509	Amazon Technologies Inc.	Malware Process
clients2.google.com	142.250.72.110	United States	15169	Google LLC	Malware Process
qaynky.biz	13.251.16.150	Singapore	16509	Amazon Technologies Inc.	Malware Process
vcddkls.biz	18.141.10.107	United States	16509	Amazon Technologies Inc.	Malware Process
yunalwv.biz	208.100.26.245	United States	32748	Steadfast	Malware Process
vjaxhpbji.biz	82.112.184.197	Russian Federation	43267	"Vysokie tehnologii" LLC, our trademark is "First Line"	Malware Process
gnqgo.biz	18.208.156.248	United States	14618	Amazon Technologies Inc.	Malware Process
oshhkdluh.biz	54.244.188.177	United States	16509	Amazon Technologies Inc.	Malware Process
tbjrpv.biz	34.246.200.160	Ireland	16509	Amazon Technologies Inc.	Malware Process
					Malware Process
fwiwk.biz	172.234.222.138	United States	63949	Akamai Technologies, Inc.	Malware Process
wllvnzb.biz	18.141.10.107	United States	16509	Amazon Technologies Inc.	Malware Process
jpskm.biz	34.211.97.45	United States	16509	Amazon Technologies Inc.	Malware Process
					Malware Process
ytctnunms.biz	3.94.10.34	United States	14618	Amazon Technologies Inc.	Malware Process

HTTP Packets

Host	Port	Method	Version	User Agent	Count	Call Time During Execution(Sec)

DNS Queries/Answers

Request	Type
pywolwnvd.biz	A
5isohu.com	A
www.aieov.com	A
ssbzmoy.biz	A
cvgrf.biz	A
npukfztj.biz	A
przvgke.biz	A
zlenh.biz	A
knjghuig.biz	A
uhxqin.biz	A
anpmnmxo.biz	A
lpuegx.biz	A
vjaxhpbji.biz	A
xlfhhhm.biz	A
clients2.google.com	A
ifsaia.biz	A
saytjshyf.biz	A
vcddkls.biz	A
fwiwk.biz	A
tbjrpv.biz	A
deoci.biz	A
gytujflc.biz	A
qaynky.biz	A
bumxkqgxu.biz	A
dwrqljrr.biz	A
nqwjmb.biz	A
ytctnunms.biz	A
myups.biz	A
oshhkdluh.biz	A
yunalwv.biz	A
jpskm.biz	A
lrxdmhrr.biz	A
wllvnzb.biz	A
gnqgo.biz	A

TCP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port

UDP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port
6.86160182953	Sandbox	224.0.0.252	5355
6.88230895996	Sandbox	224.0.0.252	5355
6.93098378181	Sandbox	192.168.56.255	137
9.48566389084	Sandbox	224.0.0.252	5355
10.9663009644	Sandbox	224.0.0.252	5355
12.930824995	Sandbox	192.168.56.255	138
14.2926478386	Sandbox	8.8.4.4	53
14.3323628902	Sandbox	8.8.4.4	53
15.2907259464	Sandbox	8.8.8.8	53
15.3217439651	Sandbox	8.8.8.8	53
21.540158987	Sandbox	8.8.4.4	53
22.5399038792	Sandbox	8.8.8.8	53
28.7253479958	Sandbox	8.8.8.8	53
29.7123069763	Sandbox	8.8.4.4	53
33.5414829254	Sandbox	8.8.8.8	53
34.5399768353	Sandbox	8.8.4.4	53
43.1628217697	Sandbox	8.8.8.8	53
44.1517548561	Sandbox	8.8.4.4	53
45.5843608379	Sandbox	8.8.8.8	53
46.5713589191	Sandbox	8.8.4.4	53
57.6996719837	Sandbox	8.8.8.8	53
58.6985118389	Sandbox	8.8.4.4	53
65.9786429405	Sandbox	8.8.8.8	53
66.9775149822	Sandbox	8.8.4.4	53
69.6962668896	Sandbox	8.8.8.8	53
70.6960718632	Sandbox	8.8.4.4	53
80.3785259724	Sandbox	8.8.8.8	53
81.3680708408	Sandbox	8.8.4.4	53
81.8754827976	Sandbox	8.8.8.8	53
82.8687508106	Sandbox	8.8.4.4	53
93.8597178459	Sandbox	8.8.8.8	53
94.7753429413	Sandbox	8.8.8.8	53
94.8522868156	Sandbox	8.8.4.4	53
95.7744259834	Sandbox	8.8.4.4	53
105.853304863	Sandbox	8.8.8.8	53
106.85261488	Sandbox	8.8.4.4	53
113.48483777	Sandbox	8.8.8.8	53
114.477793932	Sandbox	8.8.4.4	53
117.852666855	Sandbox	8.8.8.8	53
118.852603912	Sandbox	8.8.4.4	53
128.555824995	Sandbox	8.8.8.8	53
129.55603981	Sandbox	8.8.4.4	53
129.853142977	Sandbox	8.8.8.8	53
130.853108883	Sandbox	8.8.4.4	53
142.079879999	Sandbox	8.8.8.8	53
143.07138896	Sandbox	8.8.4.4	53
143.982754946	Sandbox	8.8.8.8	53
144.977774858	Sandbox	8.8.4.4	53
148.026662827	Sandbox	239.255.255.250	1900
154.610902786	Sandbox	8.8.4.4	53
155.602822781	Sandbox	8.8.8.8	53
162.461875916	Sandbox	8.8.4.4	53
163.446164846	Sandbox	8.8.8.8	53
166.603461981	Sandbox	8.8.8.8	53
167.602697849	Sandbox	8.8.4.4	53
176.910938978	Sandbox	8.8.8.8	53
177.901262999	Sandbox	8.8.4.4	53
179.01617384	Sandbox	8.8.8.8	53
180.008612871	Sandbox	8.8.4.4	53
191.009494781	Sandbox	8.8.8.8	53
191.718409777	Sandbox	8.8.8.8	53
192.009341002	Sandbox	8.8.4.4	53
192.711774826	Sandbox	8.8.4.4	53
203.008868933	Sandbox	8.8.8.8	53
204.008887768	Sandbox	8.8.4.4	53
210.899957895	Sandbox	8.8.8.8	53
211.899717808	Sandbox	8.8.4.4	53
215.524902821	Sandbox	8.8.8.8	53
216.52482295	Sandbox	8.8.4.4	53
226.123226881	Sandbox	8.8.8.8	53
227.118155956	Sandbox	8.8.4.4	53
227.524945974	Sandbox	8.8.8.8	53
228.524479866	Sandbox	8.8.4.4	53
235.304423809	Sandbox	8.8.8.8	53
236.290169001	Sandbox	8.8.4.4	53
239.524594784	Sandbox	8.8.8.8	53
240.524698973	Sandbox	8.8.4.4	53
241.179987907	Sandbox	8.8.8.8	53
242.168541908	Sandbox	8.8.4.4	53
251.735282898	Sandbox	8.8.8.8	53
252.72753787	Sandbox	8.8.4.4	53
260.312768936	Sandbox	8.8.8.8	53
261.305489779	Sandbox	8.8.4.4	53
263.727841854	Sandbox	8.8.8.8	53
264.727486849	Sandbox	8.8.4.4	53
275.929643869	Sandbox	8.8.4.4	53
275.929945946	Sandbox	8.8.4.4	53
276.915208817	Sandbox	8.8.8.8	53
276.915313959	Sandbox	8.8.8.8	53
287.916174889	Sandbox	8.8.8.8	53
288.914768934	Sandbox	8.8.4.4	53
291.056865931	Sandbox	8.8.8.8	53
292.056903839	Sandbox	8.8.4.4	53
300.400049925	Sandbox	8.8.8.8	53
301.399253845	Sandbox	8.8.4.4	53
310.705623865	Sandbox	8.8.8.8	53
311.69618392	Sandbox	8.8.4.4	53
312.821573973	Sandbox	8.8.8.8	53
313.821704865	Sandbox	8.8.4.4	53
324.844937801	Sandbox	8.8.8.8	53
325.331443787	Sandbox	8.8.8.8	53
325.836836815	Sandbox	8.8.4.4	53
326.321131945	Sandbox	8.8.4.4	53
336.837530851	Sandbox	8.8.8.8	53
337.83677578	Sandbox	8.8.4.4	53
341.075385809	Sandbox	8.8.8.8	53
342.071372986	Sandbox	8.8.4.4	53
349.206597805	Sandbox	8.8.8.8	53
350.196358919	Sandbox	8.8.4.4	53
361.948714972	Sandbox	8.8.8.8	53
362.947046995	Sandbox	8.8.4.4	53
373.946541786	Sandbox	8.8.8.8	53
374.946285963	Sandbox	8.8.4.4	53
386.243490934	Sandbox	8.8.4.4	53
387.243105888	Sandbox	8.8.8.8	53
398.6546278	Sandbox	8.8.8.8	53
399.649561882	Sandbox	8.8.4.4	53
410.736721992	Sandbox	8.8.8.8	53
411.728099823	Sandbox	8.8.4.4	53
423.992973804	Sandbox	8.8.8.8	53
424.977732897	Sandbox	8.8.4.4	53
436.074210882	Sandbox	8.8.8.8	53
437.071643829	Sandbox	8.8.4.4	53
448.488654852	Sandbox	8.8.8.8	53
449.477669954	Sandbox	8.8.4.4	53
460.478328943	Sandbox	8.8.8.8	53
461.477654934	Sandbox	8.8.4.4	53

Loading...