be9985612064c88868bce74c45453e0b302ea1c34c3c9fea4a9eb0531d67f262

General

Target

ilktxiuvydk651 .qtc651 mvc.kgdi651 bvo.mgggvc651 uqq.w.pdf
Size

197KB
MD5

8ba705ac3b200f126494ace50150791a
SHA1

1f88d98d5c43f5f37daeb12b8385fbf5f8f073df
SHA256

be9985612064c88868bce74c45453e0b302ea1c34c3c9fea4a9eb0531d67f262
SHA512

f9673dc5532e44fa3adbd7310a5fa69dee05af9ef667ccf0a7a5df58b127f40dcaef4360e0d4f1467319203162b91f10f2f5f9dce10a7f80dd1c1d771b482077

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

AcroRd32.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	AcroRd32.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	AcroRd32.exe

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

Processes:

AcroRd32.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-941723256-3451054534-3089625102-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION	AcroRd32.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

Processes:

AcroRd32.exe

pid	process
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe
2020	AcroRd32.exe

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

AcroRd32.exe

pid process

2020 AcroRd32.exe
Suspicious use of SetWindowsHookEx 6 IoCs

Processes:

AcroRd32.exe

pid process

2020 AcroRd32.exe
2020 AcroRd32.exe
2020 AcroRd32.exe
2020 AcroRd32.exe
2020 AcroRd32.exe
2020 AcroRd32.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

AcroRd32.exeRdrCEF.exe

description	pid	process	target process
PID 2020 wrote to memory of 3460	2020	AcroRd32.exe	RdrCEF.exe
PID 2020 wrote to memory of 3460	2020	AcroRd32.exe	RdrCEF.exe
PID 2020 wrote to memory of 3460	2020	AcroRd32.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 3080	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe
PID 3460 wrote to memory of 908	3460	RdrCEF.exe	RdrCEF.exe

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ilktxiuvydk651 .qtc651 mvc.kgdi651 bvo.mgggvc651 uqq.w.pdf"
1⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2020

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
2⤵
- Suspicious use of WriteProcessMemory
PID:3460

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=73E6CC2854C3F4259ED67FFC6E10DF38 --mojo-platform-channel-handle=1632 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
3⤵
PID:3080

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=FCE3E0B1EB47413FF9E1F1C0E333AA4D --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=FCE3E0B1EB47413FF9E1F1C0E333AA4D --renderer-client-id=2 --mojo-platform-channel-handle=1648 --allow-no-sandbox-job /prefetch:1
3⤵
PID:908

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=726909E7C8B74552FC6E124CA4E88F79 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=726909E7C8B74552FC6E124CA4E88F79 --renderer-client-id=4 --mojo-platform-channel-handle=2088 --allow-no-sandbox-job /prefetch:1
3⤵
PID:2556

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=5F192B00D977009F2F3A49A64347173E --mojo-platform-channel-handle=2484 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
3⤵
PID:4072

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=DA03EE991A1F2C9FEF002A230F3873A8 --mojo-platform-channel-handle=1664 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
3⤵
PID:3564

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=C0C70DFDC155E8EBB636D08DFF0859BC --mojo-platform-channel-handle=1716 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
3⤵
PID:3004

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
2⤵
PID:3336

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/908-120-0x0000000077672000-0x0000000077673000-memory.dmp

Filesize
4KB

Download
memory/908-121-0x0000000000B72000-0x0000000000B73000-memory.dmp

Filesize
4KB

Download
memory/908-123-0x0000000000000000-mapping.dmp

Download
memory/908-125-0x0000000000AC0000-0x0000000000AC1000-memory.dmp

Filesize
4KB

Download
memory/908-126-0x0000000000B90000-0x0000000000B91000-memory.dmp

Filesize
4KB

Download
memory/2556-127-0x0000000077672000-0x0000000077673000-memory.dmp

Filesize
4KB

Download
memory/2556-129-0x0000000000000000-mapping.dmp

Download
memory/2556-128-0x000000000136A000-0x000000000136B000-memory.dmp

Filesize
4KB

Download
memory/3004-143-0x0000000000000000-mapping.dmp

Download
memory/3004-142-0x0000000001241000-0x0000000001242000-memory.dmp

Filesize
4KB

Download
memory/3004-141-0x0000000077672000-0x0000000077673000-memory.dmp

Filesize
4KB

Download
memory/3080-116-0x0000000077672000-0x0000000077673000-memory.dmp

Filesize
4KB

Download
memory/3080-117-0x0000000000B57000-0x0000000000B58000-memory.dmp

Filesize
4KB

Download
memory/3080-118-0x0000000000000000-mapping.dmp

Download
memory/3080-119-0x0000000000A80000-0x0000000000A81000-memory.dmp

Filesize
4KB

Download
memory/3336-122-0x0000000000000000-mapping.dmp

Download
memory/3460-115-0x0000000000000000-mapping.dmp

Download
memory/3564-137-0x0000000077672000-0x0000000077673000-memory.dmp

Filesize
4KB

Download
memory/3564-138-0x0000000000B5E000-0x0000000000B5F000-memory.dmp

Filesize
4KB

Download
memory/3564-139-0x0000000000000000-mapping.dmp

Download
memory/4072-133-0x0000000077672000-0x0000000077673000-memory.dmp

Filesize
4KB

Download
memory/4072-134-0x0000000000F1B000-0x0000000000F1C000-memory.dmp

Filesize
4KB

Download
memory/4072-135-0x0000000000000000-mapping.dmp

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads