181bbf665c437d573897a811f3975fdf43d185ace6b56b3ea4a1cd14305b991c

General

Target

Invoice.html191.html
Size

18KB
MD5

50bd74b65b7d03c95f489419e5006be7
SHA1

1926f5f766ff288a82e36b87ca0ea3c8a3978160
SHA256

181bbf665c437d573897a811f3975fdf43d185ace6b56b3ea4a1cd14305b991c
SHA512

60ffd7707064982d375c4693b21b2b93ca3d86809746ce6a33173eeba06020718bf8bb5bb50428b066a06315cd68b4e6ee7699df28b5a3641440155aa2318b67
SSDEEP

384:vHlTyghnaJEOVO2SNXesZvAr395/Q2M21JHrOue6tiZuoeWym3JPHq/aDfA:vH6slMS2MXkousA

Score

5^/10

microsoft phishing

Malware Config

Signatures

Detected potential entity reuse from brand microsoft.
phishing microsoft

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133236951454185761"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

3132 chrome.exe
3132 chrome.exe
1428 chrome.exe
1428 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

3132 chrome.exe
3132 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe
Token: SeShutdownPrivilege	3132	chrome.exe
Token: SeCreatePagefilePrivilege	3132	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe
3132	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3132 wrote to memory of 2436	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2436	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 680	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 1724	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 1724	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe
PID 3132 wrote to memory of 2012	3132	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" C:\Users\Admin\AppData\Local\Temp\Invoice.html191.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3132

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb0b619758,0x7ffb0b619768,0x7ffb0b619778
2⤵
PID:2436

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1824 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:2
2⤵
PID:680

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:8
2⤵
PID:1724

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2208 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:8
2⤵
PID:2012

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3236 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:1
2⤵
PID:3512

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3240 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:1
2⤵
PID:5016

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5092 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:8
2⤵
PID:2524

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5048 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:8
2⤵
PID:3184

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2784 --field-trial-handle=1840,i,5205537293819362393,1421428935532895204,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:1428

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4388

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\7daa90ce-43cd-443b-b4db-f1d6fbb92252.tmp
Filesize
143KB

MD5
42166264e6d3f095847e050a28a8bcf2

SHA1
ad9e5374ced01b184e6da772f17336553e06e917

SHA256
52aef39d5f20e08b4b3c0eac3ca3265b7a8e0bbb67fdb398fff2ec812cf7f1eb

SHA512
67173b39f59315b01930efae9564847e15940f3d8b5dea6ce06003908cfe6c0da014e2055f80e8beabff4fece6472d35cc72ade33c186c6a4fef5aca23666111

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
2KB

MD5
94aa9d8cfbda32e3e30753553465096d

SHA1
207ddd5e856847f18fe807af767885f1a6d4e60c

SHA256
2c85556fa79641b13d7aa8d707e87e460a0f27860f553829cdebc20924351766

SHA512
1e284cf629d742ab28944b9a1f7b23709ce0c4431034ecce5b24eeb8cf2116bd019d8688f764f41055109abc009376d3fd4fccdad36984c3842e903817777f67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
706B

MD5
32d854076bde6b1d6c97cc1803158c33

SHA1
70f00bdf20e54691ffb43d3979f2f5fe435536f6

SHA256
2fa2b726dea9cf2ba267eb7cb3c86657448d6f6a11d8a4de968e620d0f69c816

SHA512
d9110e0e276f05189b0bc61cd414d10489b986e840344be3af4712afb5bd433c8b8380091f0607b21ee6c89b653f875bcfd36f9a8dddf1c9419a9fa6af83ded9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
cee6014005e8ff19b828d797e653f52a

SHA1
76ae171fe2c498d4220d1e529c011a862a1577c8

SHA256
75217bd08a7fef4f9a61d6e2ef830cad272685b4ed07a1f68855a7d13cb67c0d

SHA512
8021a9ad0749a6dfbaeea0b9ca4fb31727b4f996558b0a5c1cc6fca4acb4f7e8d576c9f729e70eee8d9cd89ef7c6bfedd60709e2b1f3a26a9c82e314b8969b83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
1e8c81d9a45f6edbd216226296367856

SHA1
8e5d151802c6315c8bd7ab918ae5213bafd75949

SHA256
447ffe7f492202539d9645f41a218d2e6fa5a85e6d2dae1a2b653441e331dd28

SHA512
ce01dcc7c46bca53fe54e7449b8d5a3ba9bf9f0aada27c92a66eb42fc487e2bd71db8a313c9b8826820a781a8bcd726fdd67350ca8f559635d6fea7c5ff9da46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
c078cc0c105460d52d47d36ab5f0298d

SHA1
6767c3f67775f207d7850c9c2c3a96284e6a8177

SHA256
925dc779224b0271cc8b39ae457c543d4ef279439ed4fcf1ab8f60cbb869b1ab

SHA512
13b1b59b4643cecc4354fb5c0f433c9cc40ac7614caed31543b737a53cb4a6d213a3e804f0881e799e98d5256f4479a610b0fc2673afd224d16774636f27f785

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_3132_DZEVYLCITCBVUCRF
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads