f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388

Analysis

max time kernel
149s
max time network
31s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
07-07-2023 21:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe
Size

4.9MB
MD5

b1417930b362afa743ccc22ee0897616
SHA1

8223e4108872d80ac7946ba40228d727a0c8474b
SHA256

f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388
SHA512

9750b25661a1f2a7768eb0f0c8778a4f166f240250e0e6be40f7b4198eb6168bedefd66bca206d34c8f20fbf8103a86bf0b7096e32365e73e4328687a8715a67
SSDEEP

49152:Kcy+hHebo3rvGLHMjOPgNOlE8XHg1itvjKWv54O3BgBaLhx7ooJCKk:hy+hHGo3rqoIlOqj6oJCK

Score

1^/10

Malware Config

Signatures

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeIncreaseQuotaPrivilege	560	wmic.exe
Token: SeSecurityPrivilege	560	wmic.exe
Token: SeTakeOwnershipPrivilege	560	wmic.exe
Token: SeLoadDriverPrivilege	560	wmic.exe
Token: SeSystemProfilePrivilege	560	wmic.exe
Token: SeSystemtimePrivilege	560	wmic.exe
Token: SeProfSingleProcessPrivilege	560	wmic.exe
Token: SeIncBasePriorityPrivilege	560	wmic.exe
Token: SeCreatePagefilePrivilege	560	wmic.exe
Token: SeBackupPrivilege	560	wmic.exe
Token: SeRestorePrivilege	560	wmic.exe
Token: SeShutdownPrivilege	560	wmic.exe
Token: SeDebugPrivilege	560	wmic.exe
Token: SeSystemEnvironmentPrivilege	560	wmic.exe
Token: SeRemoteShutdownPrivilege	560	wmic.exe
Token: SeUndockPrivilege	560	wmic.exe
Token: SeManageVolumePrivilege	560	wmic.exe
Token: 33	560	wmic.exe
Token: 34	560	wmic.exe
Token: 35	560	wmic.exe
Token: SeIncreaseQuotaPrivilege	560	wmic.exe
Token: SeSecurityPrivilege	560	wmic.exe
Token: SeTakeOwnershipPrivilege	560	wmic.exe
Token: SeLoadDriverPrivilege	560	wmic.exe
Token: SeSystemProfilePrivilege	560	wmic.exe
Token: SeSystemtimePrivilege	560	wmic.exe
Token: SeProfSingleProcessPrivilege	560	wmic.exe
Token: SeIncBasePriorityPrivilege	560	wmic.exe
Token: SeCreatePagefilePrivilege	560	wmic.exe
Token: SeBackupPrivilege	560	wmic.exe
Token: SeRestorePrivilege	560	wmic.exe
Token: SeShutdownPrivilege	560	wmic.exe
Token: SeDebugPrivilege	560	wmic.exe
Token: SeSystemEnvironmentPrivilege	560	wmic.exe
Token: SeRemoteShutdownPrivilege	560	wmic.exe
Token: SeUndockPrivilege	560	wmic.exe
Token: SeManageVolumePrivilege	560	wmic.exe
Token: 33	560	wmic.exe
Token: 34	560	wmic.exe
Token: 35	560	wmic.exe
Token: SeIncreaseQuotaPrivilege	2160	wmic.exe
Token: SeSecurityPrivilege	2160	wmic.exe
Token: SeTakeOwnershipPrivilege	2160	wmic.exe
Token: SeLoadDriverPrivilege	2160	wmic.exe
Token: SeSystemProfilePrivilege	2160	wmic.exe
Token: SeSystemtimePrivilege	2160	wmic.exe
Token: SeProfSingleProcessPrivilege	2160	wmic.exe
Token: SeIncBasePriorityPrivilege	2160	wmic.exe
Token: SeCreatePagefilePrivilege	2160	wmic.exe
Token: SeBackupPrivilege	2160	wmic.exe
Token: SeRestorePrivilege	2160	wmic.exe
Token: SeShutdownPrivilege	2160	wmic.exe
Token: SeDebugPrivilege	2160	wmic.exe
Token: SeSystemEnvironmentPrivilege	2160	wmic.exe
Token: SeRemoteShutdownPrivilege	2160	wmic.exe
Token: SeUndockPrivilege	2160	wmic.exe
Token: SeManageVolumePrivilege	2160	wmic.exe
Token: 33	2160	wmic.exe
Token: 34	2160	wmic.exe
Token: 35	2160	wmic.exe
Token: SeIncreaseQuotaPrivilege	2160	wmic.exe
Token: SeSecurityPrivilege	2160	wmic.exe
Token: SeTakeOwnershipPrivilege	2160	wmic.exe
Token: SeLoadDriverPrivilege	2160	wmic.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2216 wrote to memory of 560	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	28
PID 2216 wrote to memory of 560	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	28
PID 2216 wrote to memory of 560	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	28
PID 2216 wrote to memory of 560	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	28
PID 2216 wrote to memory of 2160	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	31
PID 2216 wrote to memory of 2160	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	31
PID 2216 wrote to memory of 2160	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	31
PID 2216 wrote to memory of 2160	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	31
PID 2216 wrote to memory of 300	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	33
PID 2216 wrote to memory of 300	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	33
PID 2216 wrote to memory of 300	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	33
PID 2216 wrote to memory of 300	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	33
PID 2216 wrote to memory of 3032	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	35
PID 2216 wrote to memory of 3032	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	35
PID 2216 wrote to memory of 3032	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	35
PID 2216 wrote to memory of 3032	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	35
PID 2216 wrote to memory of 2252	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	37
PID 2216 wrote to memory of 2252	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	37
PID 2216 wrote to memory of 2252	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	37
PID 2216 wrote to memory of 2252	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	37
PID 2216 wrote to memory of 2580	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	39
PID 2216 wrote to memory of 2580	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	39
PID 2216 wrote to memory of 2580	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	39
PID 2216 wrote to memory of 2580	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	39
PID 2216 wrote to memory of 1192	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	41
PID 2216 wrote to memory of 1192	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	41
PID 2216 wrote to memory of 1192	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	41
PID 2216 wrote to memory of 1192	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	41
PID 2216 wrote to memory of 944	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	43
PID 2216 wrote to memory of 944	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	43
PID 2216 wrote to memory of 944	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	43
PID 2216 wrote to memory of 944	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	43
PID 2216 wrote to memory of 2708	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	45
PID 2216 wrote to memory of 2708	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	45
PID 2216 wrote to memory of 2708	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	45
PID 2216 wrote to memory of 2708	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	45
PID 2216 wrote to memory of 2604	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	47
PID 2216 wrote to memory of 2604	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	47
PID 2216 wrote to memory of 2604	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	47
PID 2216 wrote to memory of 2604	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	47
PID 2216 wrote to memory of 2808	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	49
PID 2216 wrote to memory of 2808	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	49
PID 2216 wrote to memory of 2808	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	49
PID 2216 wrote to memory of 2808	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	49
PID 2216 wrote to memory of 2876	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	51
PID 2216 wrote to memory of 2876	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	51
PID 2216 wrote to memory of 2876	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	51
PID 2216 wrote to memory of 2876	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	51
PID 2216 wrote to memory of 2496	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	53
PID 2216 wrote to memory of 2496	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	53
PID 2216 wrote to memory of 2496	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	53
PID 2216 wrote to memory of 2496	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	53
PID 2216 wrote to memory of 2980	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	55
PID 2216 wrote to memory of 2980	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	55
PID 2216 wrote to memory of 2980	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	55
PID 2216 wrote to memory of 2980	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	55
PID 2216 wrote to memory of 2476	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	57
PID 2216 wrote to memory of 2476	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	57
PID 2216 wrote to memory of 2476	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	57
PID 2216 wrote to memory of 2476	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	57
PID 2216 wrote to memory of 2748	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	59
PID 2216 wrote to memory of 2748	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	59
PID 2216 wrote to memory of 2748	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	59
PID 2216 wrote to memory of 2748	2216	f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe	59

C:\Users\Admin\AppData\Local\Temp\f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe
"C:\Users\Admin\AppData\Local\Temp\f46cdce2eb09df5bc3475df6fd8f6d512859f6307daccc180ff8b0bb4785b388.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2216
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:560
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  - Suspicious use of AdjustPrivilegeToken
  PID:2160
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:300
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:3032
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2252
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2580
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1192
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:944
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2708
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2604
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2808
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2876
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2496
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2980
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2476
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2748
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1876
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:692
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1940
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1896
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2840
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2752
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2376
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1168
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2072
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1624
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1256
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1972
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1644
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2116
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1544
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1712
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2944
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2576
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2016
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1124
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2092
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:3048
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2700
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2772
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2528
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2660
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2524
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:3008
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1392
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1128
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1616
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1296
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:1992
- C:\Windows\SysWOW64\Wbem\wmic.exe
  wmic process where caption='LeagueClientUx.exe' get commandline
  2⤵
  PID:2776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2216-54-0x0000000000830000-0x0000000000EF7000-memory.dmp

Filesize
6.8MB

Download
memory/2216-55-0x0000000000830000-0x0000000000EF7000-memory.dmp

Filesize
6.8MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads