Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    08-07-2022 18:20

General

  • Target

    9e342cb7774df4cb49b54664cefe3d271318686acd7f1d9553d1360f6e91c0af.exe

  • Size

    2.8MB

  • MD5

    a62d3ef02ead6054fe3d56488f2d6873

  • SHA1

    fa93fd0a636b60327caa06933f690af3641b6791

  • SHA256

    9e342cb7774df4cb49b54664cefe3d271318686acd7f1d9553d1360f6e91c0af

  • SHA512

    6236febd0b32363306fd6dd1548c2050c48c0ba5ea640d6987f462746c33815fb7ee96d66ea9c016dfda1e7741a3c724dc6be08022fe43ac385e2cb4ed59babe

Score
10/10

Malware Config

Signatures

  • ParallaxRat

    ParallaxRat is a multipurpose RAT written in MASM.

  • ParallaxRat payload 1 IoCs

    Detects payload of Parallax Rat, a small portable Rat usually digitally signed with a Sectigo certificate.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9e342cb7774df4cb49b54664cefe3d271318686acd7f1d9553d1360f6e91c0af.exe
    "C:\Users\Admin\AppData\Local\Temp\9e342cb7774df4cb49b54664cefe3d271318686acd7f1d9553d1360f6e91c0af.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Windows\SysWOW64\svchost.exe
      C:\Windows\system32\svchost.exe
      2⤵
        PID:1440

    Network

    • flag-us
      DNS
      ariganaparas1p3m9.pw
      svchost.exe
      Remote address:
      8.8.8.8:53
      Request
      ariganaparas1p3m9.pw
      IN A
      Response
    No results found
    • 8.8.8.8:53
      ariganaparas1p3m9.pw
      dns
      svchost.exe
      66 B
      66 B
      1
      1

      DNS Request

      ariganaparas1p3m9.pw


    MITRE ATT&CK Enterprise v6

    Downloads

    • memory/1440-58-0x0000000000080000-0x0000000000081249-memory.dmp

      Filesize

      4KB

    • memory/1440-57-0x0000000000080000-0x0000000000081249-memory.dmp

      Filesize

      4KB

    • memory/1440-62-0x0000000000400000-0x0000000000424000-memory.dmp

      Filesize

      144KB

    • memory/1992-54-0x0000000074E91000-0x0000000074E93000-memory.dmp

      Filesize

      8KB

    • memory/1992-55-0x0000000000400000-0x00000000006DF000-memory.dmp

      Filesize

      2.9MB

    • memory/1992-56-0x0000000000400000-0x00000000006DF000-memory.dmp

      Filesize

      2.9MB

    • memory/1992-61-0x0000000000400000-0x00000000006DF000-memory.dmp

      Filesize

      2.9MB
