hxxps://sanbs[.]org[.]uk

General

Target

https://sanbs.org.uk

Score

5^/10

google phishing

Malware Config

Signatures

Detected potential entity reuse from brand google.
phishing google

Modifies Internet Explorer settings 1 TTPs 64 IoCs

adware spyware

Modify Registry

T1112

Processes:

iexplore.exeIEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "30967340"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\TypedURLs	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\DOMStorage\Total	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\Main	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = a06b7bb42c86d801	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url3 = 0000000000000000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d44f7c908017924dbb36ebe98e677ce1000000000200000000001066000000010000200000008b318248706d9ee5b48a2bc71381bc45df3fc3158e82c12ec0a707357256579e000000000e8000000002000020000000f7d2491592c4628d6c834e0546bc958b3dfb852ac833d3087ac51804fdbf5bd920000000aca8c805d54dc7d2defe4d621cace7a493db988bb5f2a57c2530c9366c33d50a4000000045bd1e3f5de69cccba621622ad37a3ec8b5868471f996fc063ed9366d3936a11d76f6d95c28e114ce1ed8c51e59ae5ae8c72c8c26d9123c55d70718ab088a292	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 90c368c52c86d801	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "6"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d44f7c908017924dbb36ebe98e677ce10000000002000000000010660000000100002000000030f58d739ebcece7ee2ab899a90db53552e6a45098290ae5c8043f2691f7a3a1000000000e8000000002000020000000ab2b4dc828fb12bfdd0d1c7426ec2a8097dfb8f914ae356d6fd810f4fc61e78620000000bf22cf51f1db693e6cfe7d94b6abdd898af172dc6256f77f47d5c24cabe93a61400000005a7ec8130334e45e1d7acf7d47051fc82962e09bc73ef9c9c6e91a014f7f27119cbefc63078e9a7f72f3df1a8d29c22b1e08a79016965c10c41a763b976336c1	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\sanbs.org.za\Total = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2983772017"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "0"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLLowDateTime = "1251635200"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url4 = 0000000000000000	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url5 = 0000000000000000	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\IESettingSync\SlowSettingTypesChanged = "6"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url4 = "https://signin.ebay.com/ws/ebayisapi.dll"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\sanbs.org.za\Total = "18"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "362662896"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\AdminActive\{DD420FFA-F21F-11EC-AD90-5E4EC20DECC8} = "0"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\sanbs.org.za	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url3 = "https://login.aliexpress.com/"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\VersionManager	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url2 = "https://www.facebook.com/"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url5 = "https://login.live.com/"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\sanbs.org.za\ = "0"	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastTTLHighDateTime = "50"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateLowDateTime = "2993772190"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url2 = 0000000000000000	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url6 = "https://twitter.com/"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\Main	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastCheckForUpdateHighDateTime = "30967340"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLs\url1 = "http://www.google.co.uk/"	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running"	IEXPLORE.EXE
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 60abbbbf2c86d801	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery	iexplore.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FullScreen = "no"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d44f7c908017924dbb36ebe98e677ce1000000000200000000001066000000010000200000006cbfef3b9235d29b1c3d0cc900b9460809fc3949a3461e4d1275872637f2f14d000000000e800000000200002000000062d66f30cc0567e48dcdf2ca9f5f6d7455cded6d0a44fe6a97b20a489710c4fc2000000075bc86798d72d67961d864f2875a63ec318df893c73b307eb169fd9082b60e9340000000e20c876a9b55685f6c4611bcbabbe414b1df837192e62cca663d1a2c52c714af36a29e476f67a8a288644dab2ea7670eb23117fb5eb1167877891b7fa6ff6895	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\DOMStorage\sanbs.org.za	IEXPLORE.EXE
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000d44f7c908017924dbb36ebe98e677ce1000000000200000000001066000000010000200000002160fca6392e5d9fc726a85cde8b6a0164af9414518af61186609789090c1546000000000e80000000020000200000007e46c6b9cfcfddc39dc30eaa365950ca7b86b782c3dbb5d3fed6716265231b67200000004217bc64d0091f4e8e88a8207330c48dbb7cff9a29735cfdcf7bcf7ce814b89a40000000ca15db65d7ace20f9a8f98fc3607dfb607d3e9457835793ed6b6e91be91b88b1b0c2315595fa9d2e35a45c6a3018a714c468c3cdbfe80e794afa6a6e3b282168	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\VersionManager\LastUpdateHighDateTime = "30967340"	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TypedURLsTime\url6 = 0000000000000000	iexplore.exe
Key created	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage	iexplore.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 7084f8b72c86d801	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\Total\ = "18"	IEXPLORE.EXE
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\sanbs.org.za\ = "18"	IEXPLORE.EXE
Set value (str)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\DomainSuggestion\FileNames\en-US = "en-US.1"	iexplore.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-1809750270-3141839489-3074374771-1000\SOFTWARE\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0"	iexplore.exe

Modifies registry class 1 IoCs

Processes:

IEXPLORE.EXE

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1809750270-3141839489-3074374771-1000\{4316680B-B7A8-455D-8563-77FDCE84C5E7}	IEXPLORE.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

iexplore.exe

pid process

2160 iexplore.exe

Suspicious use of SetWindowsHookEx 9 IoCs

Processes:

iexplore.exeIEXPLORE.EXE

pid	process
2160	iexplore.exe
2160	iexplore.exe
2000	IEXPLORE.EXE
2000	IEXPLORE.EXE
2000	IEXPLORE.EXE
2000	IEXPLORE.EXE
2160	iexplore.exe
2000	IEXPLORE.EXE
2000	IEXPLORE.EXE

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

iexplore.exe

description	pid	process	target process
PID 2160 wrote to memory of 2000	2160	iexplore.exe	IEXPLORE.EXE
PID 2160 wrote to memory of 2000	2160	iexplore.exe	IEXPLORE.EXE
PID 2160 wrote to memory of 2000	2160	iexplore.exe	IEXPLORE.EXE

C:\Program Files\Internet Explorer\iexplore.exe
"C:\Program Files\Internet Explorer\iexplore.exe" https://sanbs.org.uk
1⤵
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2160

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2160 CREDAT:17410 /prefetch:2
2⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2000

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
Filesize
471B

MD5
92488b432174ef5c253c389d46ac8160

SHA1
0e1366585e95a46303f7ad7828a07d5564814ab8

SHA256
10c33c46e15c81056e94e5109cf3e26275bd1c706179abe6054df45e8a0d7551

SHA512
6d5615ebad8ed456fcba46524c6cc1c6482cd4bf8d04a9a52419d2c1c3ce3549632eb552cbf37025436977e06f645e68db576ca4c830e5ee3e66353872322e32

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\82CB34DD3343FE727DF8890D352E0D8F
Filesize
7KB

MD5
aa8162282e6f84725265757a67753a0d

SHA1
42f62b4cee0e3418197c8cf1854919763aa78aa6

SHA256
0e852a866600c1e45bccb21655dedfee018e22983cda38b8f84102413f804c0f

SHA512
893d4f6f3b4ba894f5456a696191b4fe90c3e697587262789e64de7dd7ac055bdea13678e25fb91be2db4c1f485fc4faa30202b74a0de624b76ee125bc4b81ca

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776
Filesize
404B

MD5
02a3f7a04f758db5c6b6387f485934ca

SHA1
8e1385e34ead191d485cd8a7ab2d3456efb1d005

SHA256
4cb0517be2a554fd596f70a96d2b37707c38042c87b7b0e851e8c95ff5cd9d15

SHA512
068c56d6cc32afddc36524f4c239b1eacd90ad494c0cc9119b4e06933bb8325b55d011083b30d95a275226519496f4fc5f30181fad1ef2bfc0daea3dcc7aca5c

Download Submit
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\82CB34DD3343FE727DF8890D352E0D8F
Filesize
226B

MD5
608b590f5d33c1377753857b511ce27d

SHA1
2a2169755caa2305391a03ab93d8a1ce1a922b36

SHA256
5287ca5072fd5d549b2089bcdb703f6d4efb7296a3e372e76628dba6f45530dc

SHA512
e060762cb052a2cfebc220dd2e64ff49b57b3036cfe3e0f4f098b7349e8007eeb0288c52302311ab4d204d94ca76875bee57996ef52e9921eda0e51371945d24

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jnqp20o\imagestore.dat
Filesize
5KB

MD5
b49d113d8ed76177f202407be0b01a99

SHA1
d205a8acb8aafbbdb49881f8ff4aa3b55d45debb

SHA256
343a9566ed1a29c98e02a484dffffc9374d8dd904d2572300622fb7316184f87

SHA512
c9884595e57ac2c55119dc4833b8fc096e0ad0bd81923be31d45add9d02bcac392f326c42d45f354e5afd823e0d642f303cf0331d346689a57e234edbd89e375

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\jnqp20o\imagestore.dat
Filesize
39KB

MD5
67efbad799af97527731b32d543a0c0a

SHA1
792a15c09def8b59a30b7895f1b1ca333c02211d

SHA256
91c83d381621264818ef237597111a67da1f7d7039bf9f48c16daaba7fdcca1b

SHA512
8f87ee92bd76f5a4279dc65c5e7c14d431c766524ea2232d1b491b7a4561518559708ba1e588216bbca0ed9b84c4418cba5ab5b3325c5f11826a5625aee47560

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\VBHSBN4S\favicon[1].ico
Filesize
5KB

MD5
f3418a443e7d841097c714d69ec4bcb8

SHA1
49263695f6b0cdd72f45cf1b775e660fdc36c606

SHA256
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770

SHA512
82d017c4b7ec8e0c46e8b75da0ca6a52fd8bce7fcf4e556cbdf16b49fc81be9953fe7e25a05f63ecd41c7272e8bb0a9fd9aedf0ac06cb6032330b096b3702563

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads