Xcitium Cloud Verdict

Contacted IPs

Network Port Distribution

Name	IP	Country	ASN	ASN Name	Trigger Process Type
	8.8.4.4	United States	15169	Google LLC	Malware Process
	8.8.8.8	United States	15169	Google LLC	Malware Process
					Malware Process
www.aieov.com	45.79.19.196	United States	63949	Akamai Technologies, Inc.	Malware Process
www.msftncsi.com	23.221.239.217	United States	20940	Akamai Technologies, Inc.	Malware Process

HTTP Packets

Host	Port	Method	Version	User Agent	Count	Call Time During Execution(Sec)

DNS Queries/Answers

Request	Type
www.msftncsi.com	A
5isohu.com	A
www.aieov.com	A

TCP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port

UDP Packets

Call Time During Execution(sec)	Source IP	Dest IP	Dest Port
3.01039886475	Sandbox	224.0.0.252	5355
3.01068902016	Sandbox	224.0.0.252	5355
3.07817602158	Sandbox	192.168.56.255	137
4.54853796959	Sandbox	224.0.0.252	5355
5.5630428791	Sandbox	224.0.0.252	5355
7.11097979546	Sandbox	8.8.4.4	53
8.10982894897	Sandbox	8.8.8.8	53
8.1257109642	Sandbox	224.0.0.252	5355
9.07820296288	Sandbox	192.168.56.255	138
10.7430949211	Sandbox	224.0.0.252	5355
12.6302349567	Sandbox	8.8.4.4	53
13.3014419079	Sandbox	224.0.0.252	5355
13.6248548031	Sandbox	8.8.8.8	53
15.9067659378	Sandbox	224.0.0.252	5355
18.4694960117	Sandbox	224.0.0.252	5355
26.9847838879	Sandbox	8.8.8.8	53
27.9844369888	Sandbox	8.8.4.4	53
41.4227747917	Sandbox	8.8.8.8	53
42.4217238426	Sandbox	8.8.4.4	53
56.6581687927	Sandbox	8.8.8.8	53
57.6584849358	Sandbox	8.8.4.4	53
71.1099879742	Sandbox	8.8.8.8	53
72.1091668606	Sandbox	8.8.4.4	53
85.5485038757	Sandbox	8.8.8.8	53
86.546697855	Sandbox	8.8.4.4	53
103.837054968	Sandbox	8.8.8.8	53
104.828593969	Sandbox	8.8.4.4	53
118.228917837	Sandbox	8.8.8.8	53
119.219254971	Sandbox	8.8.4.4	53
132.593154907	Sandbox	8.8.8.8	53
133.578176022	Sandbox	8.8.4.4	53
150.908597946	Sandbox	8.8.8.8	53
151.906400919	Sandbox	8.8.4.4	53
165.314585924	Sandbox	8.8.8.8	53
166.31251502	Sandbox	8.8.4.4	53
179.727676868	Sandbox	8.8.8.8	53
180.71901679	Sandbox	8.8.4.4	53
198.028410912	Sandbox	8.8.8.8	53
199.015913963	Sandbox	8.8.4.4	53
212.424548864	Sandbox	8.8.8.8	53
213.422109842	Sandbox	8.8.4.4	53
226.785949945	Sandbox	8.8.8.8	53
227.78132081	Sandbox	8.8.4.4	53
245.065778971	Sandbox	8.8.8.8	53
246.06229496	Sandbox	8.8.4.4	53
259.460878849	Sandbox	8.8.8.8	53
260.453522921	Sandbox	8.8.4.4	53
273.830968857	Sandbox	8.8.8.8	53
274.828638792	Sandbox	8.8.4.4	53
292.173844814	Sandbox	8.8.8.8	53
293.172428846	Sandbox	8.8.4.4	53
306.537953854	Sandbox	8.8.8.8	53
307.531422853	Sandbox	8.8.4.4	53
320.920581818	Sandbox	8.8.8.8	53
321.906577826	Sandbox	8.8.4.4	53
335.183723927	Sandbox	8.8.8.8	53
336.171908855	Sandbox	8.8.4.4	53
349.562871933	Sandbox	8.8.8.8	53
350.54731679	Sandbox	8.8.4.4	53
363.91629982	Sandbox	8.8.8.8	53
364.906466007	Sandbox	8.8.4.4	53

File Name: 4598044bb8a3a25bac91e2a069062dce89fb7dfd

File Type: PE32 executable (GUI) Intel 80386, for MS Windows

SHA1: 4598044bb8a3a25bac91e2a069062dce89fb7dfd

MD5: bc864bf3e7bf03bf665eb4e782989471