Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
150s -
max time network
152s -
platform
windows7_x64 -
resource
win7v20210408 -
submitted
27/05/2021, 20:41 UTC
General
-
Target
1E8F7E97829A667EA6E11F1BE8AED9C5.exe
-
Size
5.5MB
-
MD5
1e8f7e97829a667ea6e11f1be8aed9c5
-
SHA1
527f7fe8e5ff4a39fb33ef27b0e5d5569a84c071
-
SHA256
5fce415ea8596e0aa332b961dd62c1e39ddfbe593d577b91ff32aba9d9767cdd
-
SHA512
f2e6709de8b62b0448ba34a265607045bf1ac3a38be4edccfbabb9fb111431112f373127746ac023c4534ed00a4cca618ecc9d35beacb49ecaceba92fb3fc22b
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/single_exec
Signatures
-
Glupteba
Glupteba is a modular loader written in Golang with various components.
-
Glupteba Payload 5 IoCs
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
PlugX
PlugX is a RAT (Remote Access Trojan) that has been around since 2008.
-
Suspicious use of NtCreateUserProcessOtherParentProcess 2 IoCs
-
Executes dropped EXE 8 IoCs
-
UPX packed file 7 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL 18 IoCs
-
Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service 1 IoCs
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory 1 IoCs
-
Suspicious use of SetThreadContext 1 IoCs
-
Drops file in Program Files directory 8 IoCs
-
Drops file in Windows directory 1 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Modifies data under HKEY_USERS 64 IoCs
-
Modifies registry class 8 IoCs
-
Suspicious behavior: EnumeratesProcesses 4 IoCs
-
Suspicious use of AdjustPrivilegeToken 64 IoCs
-
Suspicious use of WriteProcessMemory 50 IoCs
Processes
-
C:\Windows\system32\services.exeC:\Windows\system32\services.exe1⤵
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k netsvcs2⤵
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Drops file in System32 directory
- Suspicious use of SetThreadContext
- Drops file in Windows directory
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\wbem\WMIADAP.EXEwmiadap.exe /F /T /R3⤵
-
-
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k SystemNetworkService2⤵
- Modifies registry class
-
-
C:\Users\Admin\AppData\Local\Temp\1E8F7E97829A667EA6E11F1BE8AED9C5.exe"C:\Users\Admin\AppData\Local\Temp\1E8F7E97829A667EA6E11F1BE8AED9C5.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Company\NewProduct\customer2.exe"C:\Program Files (x86)\Company\NewProduct\customer2.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exeC:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt3⤵
- Executes dropped EXE
-
-
C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exeC:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt3⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
-
-
-
C:\Program Files (x86)\Company\NewProduct\file4.exe"C:\Program Files (x86)\Company\NewProduct\file4.exe"2⤵
- Executes dropped EXE
-
-
C:\Program Files (x86)\Company\NewProduct\liujun.exe"C:\Program Files (x86)\Company\NewProduct\liujun.exe"2⤵
- Executes dropped EXE
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rUNdlL32.eXe"C:\Windows\system32\rUNdlL32.eXe" "C:\Users\Admin\AppData\Local\Temp\install.dll",setpwd3⤵
- Loads dropped DLL
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
-
-
-
C:\Program Files (x86)\Company\NewProduct\setup.exe"C:\Program Files (x86)\Company\NewProduct\setup.exe"2⤵
- Executes dropped EXE
- Loads dropped DLL
-
-
C:\Program Files (x86)\Company\NewProduct\app.exe"C:\Program Files (x86)\Company\NewProduct\app.exe"2⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
-
C:\Program Files (x86)\Company\NewProduct\app.exe"C:\Program Files (x86)\Company\NewProduct\app.exe"3⤵
- Executes dropped EXE
- Modifies data under HKEY_USERS
-
-
Network
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A -
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSip-api.comRemote address:8.8.8.8:53Requestip-api.comIN A
-
DNSip-api.comRemote address:8.8.8.8:53Requestip-api.comIN A
-
DNSip-api.comRemote address:8.8.8.8:53Requestip-api.comIN A
-
DNSip-api.comRemote address:8.8.8.8:53Requestip-api.comIN A
-
DNSip-api.comRemote address:8.8.8.8:53Requestip-api.comIN A
-
DNSgclean.bizRemote address:8.8.8.8:53Requestgclean.bizIN A
-
DNSgclean.bizRemote address:8.8.8.8:53Requestgclean.bizIN A
-
DNSgclean.bizRemote address:8.8.8.8:53Requestgclean.bizIN A
-
DNSgclean.bizRemote address:8.8.8.8:53Requestgclean.bizIN A
-
DNSgclean.bizRemote address:8.8.8.8:53Requestgclean.bizIN A
-
DNSsndvoices.comRemote address:8.8.8.8:53Requestsndvoices.comIN A
-
DNSsndvoices.comRemote address:8.8.8.8:53Requestsndvoices.comIN A
-
DNSsndvoices.comRemote address:8.8.8.8:53Requestsndvoices.comIN A
-
DNSsndvoices.comRemote address:8.8.8.8:53Requestsndvoices.comIN A
-
DNSsndvoices.comRemote address:8.8.8.8:53Requestsndvoices.comIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSwww.facebook.comRemote address:8.8.8.8:53Requestwww.facebook.comIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSemail.yg9.meRemote address:8.8.8.8:53Requestemail.yg9.meIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
-
DNSg-cleanpartners.inRemote address:8.8.8.8:53Requestg-cleanpartners.inIN A
No results found
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53ip-api.comdns
DNS Request
ip-api.com
DNS Request
ip-api.com
DNS Request
ip-api.com
DNS Request
ip-api.com
DNS Request
ip-api.com
-
8.8.8.8:53gclean.bizdns
DNS Request
gclean.biz
DNS Request
gclean.biz
DNS Request
gclean.biz
DNS Request
gclean.biz
DNS Request
gclean.biz
-
8.8.8.8:53sndvoices.comdns
DNS Request
sndvoices.com
DNS Request
sndvoices.com
DNS Request
sndvoices.com
DNS Request
sndvoices.com
DNS Request
sndvoices.com
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
-
8.8.8.8:53www.facebook.comdns
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
DNS Request
www.facebook.com
-
8.8.8.8:53email.yg9.medns
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
DNS Request
email.yg9.me
-
8.8.8.8:53g-cleanpartners.indns
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
DNS Request
g-cleanpartners.in
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
300KB
-
Filesize
448KB
-
Filesize
448KB
-
Filesize
408KB
-
Filesize
408KB
-
Filesize
368KB
-
Filesize
1.0MB
-
Filesize
8KB
-
Filesize
72KB
-
Filesize
64KB