description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	taskmgr.exe

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

pid	Process
4812	taskmgr.exe
4812	taskmgr.exe
900	msedge.exe
900	msedge.exe
2960	msedge.exe
2960	msedge.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
3948	identity_helper.exe
3948	identity_helper.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe
4812	taskmgr.exe

description	pid	Process
Token: SeDebugPrivilege	4812	taskmgr.exe
Token: SeSystemProfilePrivilege	4812	taskmgr.exe
Token: SeCreateGlobalPrivilege	4812	taskmgr.exe
Token: 33	4812	taskmgr.exe
Token: SeIncBasePriorityPrivilege	4812	taskmgr.exe

description	pid	Process	procid_target
PID 2960 wrote to memory of 5088	2960	msedge.exe	85
PID 2960 wrote to memory of 5088	2960	msedge.exe	85
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 2376	2960	msedge.exe	87
PID 2960 wrote to memory of 900	2960	msedge.exe	88
PID 2960 wrote to memory of 900	2960	msedge.exe	88
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90
PID 2960 wrote to memory of 1296	2960	msedge.exe	90

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Response

DNS Request

DNS Request

DNS Response

DNS Response

DNS Request

DNS Request

DNS Response

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.