Analysis

  • max time kernel
    151s
  • max time network
    124s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    11/08/2020, 12:30 UTC

General

  • Target

    foo/928f1db0c63d122f0183686a3bdfccee.exe

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 52 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\foo\928f1db0c63d122f0183686a3bdfccee.exe
    "C:\Users\Admin\AppData\Local\Temp\foo\928f1db0c63d122f0183686a3bdfccee.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:3844
    • C:\Program Files (x86)\Windows Media Player\wmplayer.exe
      -a
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:3572

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3844-0-0x0000000002A80000-0x0000000002B58000-memory.dmp

    Filesize

    864KB
