metasploit | 584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57

General

Target

584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Size

4.3MB
MD5

58b2216c8519dffd06f5e9b522cfc5c5
SHA1

7ad25174ea6b7ef8317840d73ac20e6b9c6df89e
SHA256

584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57
SHA512

62737bc3bbfbb4ba8206e5b150d786ac823c4cbde009b6da55bead26bed2ada280ad7b111a0358b75da3e43f323b185ec8bfbda8dfe0f663b8d6cc05d8543b1c

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/single_exec

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1728 1040 WerFault.exe 584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

pid	pid_target	process	target process
1728	1040	WerFault.exe	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

Modifies data under HKEY_USERS 64 IoCs

Processes:

584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-292 = "Central European Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-365 = "Middle East Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-104 = "Central Brazilian Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-912 = "Mauritius Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2142 = "Transbaikal Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-721 = "Central Pacific Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2041 = "Eastern Daylight Time (Mexico)"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-352 = "FLE Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-435 = "Georgian Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-384 = "Namibia Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-202 = "US Mountain Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-841 = "Argentina Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-211 = "Pacific Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-381 = "South Africa Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2371 = "Easter Island Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-682 = "E. Australia Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2042 = "Eastern Standard Time (Mexico)"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-351 = "FLE Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-1472 = "Magadan Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-722 = "Central Pacific Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-52 = "Greenland Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-462 = "Afghanistan Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-492 = "India Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2792 = "Novosibirsk Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-81 = "Atlantic Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-448 = "Azerbaijan Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2611 = "Bougainville Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2432 = "Cuba Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2342 = "Haiti Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-335 = "Jordan Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-622 = "Korea Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2791 = "Novosibirsk Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-652 = "AUS Central Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-1501 = "Turkey Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-131 = "US Eastern Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-212 = "Pacific Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-602 = "Taipei Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-501 = "Nepal Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-1411 = "Syria Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2181 = "Astrakhan Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2531 = "Chatham Islands Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-732 = "Fiji Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2411 = "Marquesas Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-214 = "Pacific Daylight Time (Mexico)"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-2182 = "Astrakhan Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-361 = "GTB Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-1911 = "Russia TZ 10 Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-51 = "Greenland Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-32 = "Mid-Atlantic Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-441 = "Arabian Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-681 = "E. Australia Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-272 = "Greenwich Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-431 = "Iran Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-502 = "Nepal Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-872 = "Pakistan Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-631 = "Tokyo Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-282 = "Central Europe Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-512 = "Central Asia Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-91 = "Pacific SA Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-215 = "Pacific Standard Time (Mexico)"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-1912 = "Russia TZ 10 Standard Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-121 = "SA Pacific Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-671 = "AUS Eastern Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Set value (str)	\REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\16\52C64B7E\C:\Windows\system32\,@tzres.dll,-161 = "Central Daylight Time"	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

pid	process
2936	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
2936	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes:

584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

description	pid	process
Token: SeDebugPrivilege	2936	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
Token: SeImpersonatePrivilege	2936	584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe

C:\Users\Admin\AppData\Local\Temp\584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
"C:\Users\Admin\AppData\Local\Temp\584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:2936

C:\Users\Admin\AppData\Local\Temp\584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe
"C:\Users\Admin\AppData\Local\Temp\584522a8a53da3c5cd77b68c235ac8636430cbcb656e80e889746b9f8e4efa57.exe"
2⤵
- Modifies data under HKEY_USERS
PID:1040

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1040 -s 788
3⤵
- Program crash
PID:1728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1040-121-0x0000000003D8D000-0x000000000419C000-memory.dmp

Filesize
4.1MB

Download
memory/1040-122-0x0000000000400000-0x0000000002000000-memory.dmp

Filesize
28.0MB

Download
memory/2936-118-0x0000000003DF1000-0x0000000004200000-memory.dmp

Filesize
4.1MB

Download
memory/2936-120-0x0000000000400000-0x0000000002000000-memory.dmp

Filesize
28.0MB

Download
memory/2936-119-0x0000000004210000-0x0000000004AB2000-memory.dmp

Filesize
8.6MB

Download

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads