c5b286a65a933f73927e8b7729db2a0f29317ea0ab58e771a7b19617f32557b8

Analysis

max time kernel
120s
max time network
134s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06-01-2024 17:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

46cb47da604500fc6c597be261926c07.exe
Size

180KB
MD5

46cb47da604500fc6c597be261926c07
SHA1

5c7fc7f69e12eca65fdff23b4a3e7b8676508009
SHA256

c5b286a65a933f73927e8b7729db2a0f29317ea0ab58e771a7b19617f32557b8
SHA512

a47170642d0c0eb7a283748b3f3430f3c767a77bb5cc17e6e5782eb89c77b3405ab0f19fdf871b937846dcff5ae3cf2e054e4888a8ac86ad1b5abb71cf115c46
SSDEEP

768:HcTkkrwLA6lMNYvZ+00LFdCCDZzoc+Z5HdewVLh1k5SQFqdKjCq0H5BdUf2jVYvz:2PMZV9jgSQydA2+hjgSQHgX

Score

8^/10

persistence

Malware Config

Signatures

Adds policy Run key to start application 2 TTPs 2 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run	alg.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\lsass = "C:\\Windows\\alg.exe"	alg.exe

Executes dropped EXE 2 IoCs

pid	Process
3060	46cb47da604500fc6c597be261926c07.exe
2772	alg.exe

Loads dropped DLL 22 IoCs

pid	Process
1368	46cb47da604500fc6c597be261926c07.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe
2772	alg.exe

Drops file in Program Files directory 44 IoCs

description	ioc	Process
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\template.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\EQUATION\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\ink\mip.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\RCX4CC1.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\DW\RCX4D01.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\RCX4C41.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\microsoft shared\EQUATION\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\MSInfo\msinfo32.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\RCX481A.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\RCX4C90.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\DW\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe	alg.exe
File created	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\alg.exe	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\ink\pipanel.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\RCX483A.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe	alg.exe
File created	\??\c:\Program Files (x86)\Common Files\microsoft shared\DW\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\EQUATION\RCX4D5F.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE	alg.exe
File created	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\alg.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\RCX4889.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\RCX4CB1.tmp	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE	alg.exe
File opened for modification	\??\c:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe	alg.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz	46cb47da604500fc6c597be261926c07.exe
Key opened	\REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0	46cb47da604500fc6c597be261926c07.exe

Suspicious use of WriteProcessMemory 15 IoCs

description	pid	Process	procid_target
PID 1368 wrote to memory of 3060	1368	46cb47da604500fc6c597be261926c07.exe	28
PID 1368 wrote to memory of 3060	1368	46cb47da604500fc6c597be261926c07.exe	28
PID 1368 wrote to memory of 3060	1368	46cb47da604500fc6c597be261926c07.exe	28
PID 1368 wrote to memory of 3060	1368	46cb47da604500fc6c597be261926c07.exe	28
PID 1368 wrote to memory of 3060	1368	46cb47da604500fc6c597be261926c07.exe	28
PID 1368 wrote to memory of 3060	1368	46cb47da604500fc6c597be261926c07.exe	28
PID 1368 wrote to memory of 3060	1368	46cb47da604500fc6c597be261926c07.exe	28
PID 1368 wrote to memory of 2772	1368	46cb47da604500fc6c597be261926c07.exe	29
PID 1368 wrote to memory of 2772	1368	46cb47da604500fc6c597be261926c07.exe	29
PID 1368 wrote to memory of 2772	1368	46cb47da604500fc6c597be261926c07.exe	29
PID 1368 wrote to memory of 2772	1368	46cb47da604500fc6c597be261926c07.exe	29
PID 2772 wrote to memory of 2692	2772	alg.exe	30
PID 2772 wrote to memory of 2692	2772	alg.exe	30
PID 2772 wrote to memory of 2692	2772	alg.exe	30
PID 2772 wrote to memory of 2692	2772	alg.exe	30

C:\Users\Admin\AppData\Local\Temp\46cb47da604500fc6c597be261926c07.exe
"C:\Users\Admin\AppData\Local\Temp\46cb47da604500fc6c597be261926c07.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:1368
- C:\Windows\temp\46cb47da604500fc6c597be261926c07.exe
  "C:\Windows\temp\46cb47da604500fc6c597be261926c07.exe"
  2⤵
  - Executes dropped EXE
  - Checks processor information in registry
  PID:3060
- C:\Windows\alg.exe
  "C:\Windows\alg.exe"
  2⤵
  - Adds policy Run key to start application
  - Executes dropped EXE
  - Loads dropped DLL
  - Drops file in Program Files directory
  - Suspicious use of WriteProcessMemory
  PID:2772
- - C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\cmd.exe /c del C:\Windows\temp\*.* /q /s
    3⤵
    PID:2692

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Windows\alg.exe

Filesize
121KB

MD5
df1c480e5ace841b293535d925854538

SHA1
69eb925c6faba37d8a4b20b7018bf0da8135bec2

SHA256
433cfa985680ee8b9227326aa566f59cb1fc949e75d7b6aaa7792e653e902f10

SHA512
613b92a54916ff15a246b465bafd6e86b2c14f46272606811fcfa616e1d14a8d013139b8182241d0a8c9f1346e72cc412e191ac431f07b2f2b1dabf72da8673c

Download Submit
\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\ose.exe

Filesize
145KB

MD5
9d10f99a6712e28f8acd5641e3a7ea6b

SHA1
835e982347db919a681ba12f3891f62152e50f0d

SHA256
70964a0ed9011ea94044e15fa77edd9cf535cc79ed8e03a3721ff007e69595cc

SHA512
2141ee5c07aa3e038360013e3f40969e248bed05022d161b992df61f21934c5574ed9d3094ffd5245f5afd84815b24f80bda30055cf4d374f9c6254e842f6bd5

Download Submit
\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\setup.exe

Filesize
1.0MB

MD5
4d92f518527353c0db88a70fddcfd390

SHA1
c4baffc19e7d1f0e0ebf73bab86a491c1d152f98

SHA256
97e6f3fc1a9163f10b6502509d55bf75ee893967fb35f318954797e8ab4d4d9c

SHA512
05a8136ccc45ef73cd5c70ee0ef204d9d2b48b950e938494b6d1a61dfba37527c9600382321d1c031dc74e4cf3e16f001ae0f8cd64d76d765f5509ce8dc76452

Download Submit
\MSOCache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\DW20.EXE

Filesize
818KB

MD5
a41e524f8d45f0074fd07805ff0c9b12

SHA1
948deacf95a60c3fdf17e0e4db1931a6f3fc5d38

SHA256
082329648337e5ba7377fed9d8a178809f37eecb8d795b93cca4ec07d8640ff7

SHA512
91bf4be7e82536a85a840dbc9f3ce7b7927d1cedf6391aac93989abae210620433e685b86a12d133a72369a4f8a665c46ac7fc9e8a806e2872d8b1514cbb305f

Download Submit
\MSOCache\All Users\{90140000-0115-0409-0000-0000000FF1CE}-C\dwtrig20.exe

Filesize
507KB

MD5
c87e561258f2f8650cef999bf643a731

SHA1
2c64b901284908e8ed59cf9c912f17d45b05e0af

SHA256
a1dfa6639bef3cb4e41175c43730d46a51393942ead826337ca9541ac210c67b

SHA512
dea4833aa712c5823f800f5f5a2adcf241c1b2b6747872f540f5ff9da6795c4ddb73db0912593337083c7c67b91e9eaf1b3d39a34b99980fd5904ba3d7d62f6c

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\A3DUtility.exe

Filesize
245KB

MD5
e84927bc7e4bef6af8daf8640d95325e

SHA1
796cfbd54995d1340e3bdd9329e6d165af8c3859

SHA256
7744d4c0da090157809e65259fb2682e8149b3fcf64a055607ab04f0cb732ea6

SHA512
dd8c9e848100b8c67f8ac5a01e76bc11843e36824d501eca797c9560b0c99a1349ede26e5da0f57a1c66c817d0caf99284dbf968e9f5df442a7c64c88dffb261

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroBroker.exe

Filesize
273KB

MD5
55e392d1bd55a1292b6ce766225416e5

SHA1
06d8134a3002e6974407fb5da0a59ab43415a52a

SHA256
db42cb95904cfc6891df2aa736506fb34a26cf9a26e88ab0ef262e0459344a3e

SHA512
0c55062cf8debbdf1a7a4f41527e43cd124fb7777e9b930de9cc900abf9c27a1956a536200e23dddc9a4068ac5bc9a8052299a4f2cf010cffd205a32d99581a2

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe

Filesize
341KB

MD5
e16dd9faeca97b4c185426e5672becba

SHA1
f32087a346bcc58dedcfe1bc32f221d486a385c7

SHA256
c21bfc263890f02763f56b4e9f5cf9113656cf09d7864b53ec2fd2024bdadd60

SHA512
582180e0c7b35660114d5b1d4d5c92d75615321a74d160c2c7bc92b91a2c2b7ed758d63e2bbbdb1658992da6fe7ac546d7f4ea9a6c73a4a503989ea6e1a22d6a

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe

Filesize
14KB

MD5
dc6311fbfd49f41fbf35860a30e68355

SHA1
b08b15be412e843acaf7ad5e6df0ef1e8bdb465c

SHA256
ffdf81680522029c2eb578a9f442fd9692900a5c782c711e35203fb2d25620ba

SHA512
5e2938f5a8396154928a7d093db3843d73497cea4f49c0f1b77e3aac6e29d1db7f0ad4518587c336f0dfccb67ff33aac8e12afa70503504c5d8d46d12a86e453

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroTextExtractor.exe

Filesize
25KB

MD5
6ff84be315cfafbbdf36aa01af8389e7

SHA1
2c550a4059ac331f5f5c9d3f218e0f6184aa27c9

SHA256
47c67c1c88ceaee3cf1667bf956a3e11a84dea2f7c2afc634777aa5f1bf65c76

SHA512
72498b009573a9cc9b5554e61d56b68f273682bfa2e13808f4abd5b2171aa59dd4a64bd9f68a3a416cfaceacb0041df918d8a84f28a5fa7f204fc562c5b6b174

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeCollabSync.exe

Filesize
529KB

MD5
cca0c5482b8a6a275d9d49433f435dfa

SHA1
a72ae8621386e13c34055f612ae7612b8a18a39e

SHA256
6ea08bbcedf7cb51cfbe4896ef8c589a4568b1d5240265b1dcfda83dc8b55365

SHA512
b88f5cdb4bc08429ca40d24cef490128d341e10615d1d93d084b3247c2b28573d177d878c1385d3941e16a8bcc8a9f6b7870c152f4a43d02e69c05defcc9196e

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\Eula.exe

Filesize
97KB

MD5
713a30695b671b6e3b19b7d09f9d8409

SHA1
83916537c86d7dc1043c752f195f04fa42813afe

SHA256
6b42e2e9822b99f5f13a6d1f639fa64cc93001266ceb7a7d342da1bce84d5c08

SHA512
a450c691e0c8d16519b418b366a260360a57e8511c6975f2e3029c41f30a68d83448126c3d57c9fb36b3a44e839d4bbcaa73e0adfe305a71e04def2fd990cbf7

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

Filesize
33KB

MD5
69b16c7b7746ba5c642fc05b3561fc73

SHA1
83d80d668dca76b899e1bf662ddee0e0c18ac791

SHA256
0deceb6b1b7a2dd1f13133ac7328ff420dad4610cee1fa7466e8e0f6baa39116

SHA512
6b8eebcfe5b04141640047fe468371ad02bb115ee9ef00260c0b33cfd56b142c2e01b3b1c6f07281aa57b1f3b9fdb1f1082fe5620f88a57b92d8f547267ef154

Download Submit
\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\Setup.exe

Filesize
333KB

MD5
e5b38b9828293047f0352f7a38a22fb1

SHA1
681311628ac93f84371b2a069fa220dc89a3f672

SHA256
b85aeeaede189d9f56c843281a492cd8ada329f0b5b8b03d5a813eba3a290b61

SHA512
ed3e369451b938a556fb561afd6fd3ff5cfc93e386b035014fd4824a808f1e92e6d095ab33c340e6cd64ee00122fbd882abbcf0e15f3ffdb29a4fb9febe42920

Download Submit
\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe

Filesize
34KB

MD5
d598a0818ec112074e4ecadb7fd83414

SHA1
a7154846b004135ba3e95e1e175d08bc9aab2e60

SHA256
d8fdda58db1a84ff2868d0d24bda9d9b496347a35008225f15c6599aa2f1c4bf

SHA512
5cd13c6b4247854a65f7322eafcb06d82c574384dc996be3bb3ab8f185818334acf6858e90136a321664543f3eb9d1b0419513ca254e4ed32959489653357240

Download Submit
\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\airappinstaller.exe

Filesize
32KB

MD5
9c5b124efd76128d26d3bcf85a3f2092

SHA1
6f4a3a1b7d4fb47aba5b1c1bfc151f6eb8d2b3b0

SHA256
5fa546e912a3fedea19477ba68bb127cd2867170a2bdb831b78549c6190d55b9

SHA512
ca13ada6916ac4b5277cb7684a05ae2d36e61e3a5dd425cdcce34b8461b2337aa9c81fde1e08d9f6d24066f103bebbf135c6f66ac76bb2767eabc93f2e47f7f3

Download Submit
\Program Files (x86)\Common Files\Adobe\Updater6\AdobeUpdaterInstallMgr.exe

Filesize
90KB

MD5
27f8ebbdef6e8fa26f02d74263610729

SHA1
2ecce90a5b5661dbae6cfb890443cf8d47f052bb

SHA256
9feda23e175fa401fccd34614e2c3afde740c2ebab9a8fbc710fb9d08b712829

SHA512
71884b8e1d7042813f9ea6813565807cfe7b57b7c2d838ebf90ec2f34ab2a6acb36458d0e5b7f8a2bb07f03cbfd9cb145dfc72dae1658d1c514ef18a025c9a28

Download Submit
\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe

Filesize
2.4MB

MD5
34c4db669b76a662c5fa7c199e4f7519

SHA1
b047730ff73cbb63a540a2a0cd4e632ad594bbc4

SHA256
5a9619856991c1184c789d732f7c597cbe8d0add0732660a4ba358c6a3f258f8

SHA512
da596adb60d4c5ade81b196cc4277c3bfd523e70d72ed2f27d4426833f72182a99fa4bc8f069805deac958e65a4ebed7f43919853fc5fdc5b91a6e62089f2c09

Download Submit
\Program Files (x86)\Common Files\microsoft shared\EQUATION\EQNEDT32.EXE

Filesize
530KB

MD5
a87236e214f6d42a65f5dedac816aec8

SHA1
601f4e8cd6b1c5fcd8f0be4acf01a08261a07b94

SHA256
3c4a68070f3d7f14e488ae4f7ede8e7add0f8029995dc800833126ca062a2c6c

SHA512
5db8f065c02ac6a014ee407e3d64ae68fc9c9ae814532e58ea3aa27491baed8a15b5b1f90369eff37fb399c0ee96a92b3640110e3730084d3f0687734c41cf18

Download Submit
\Windows\Temp\46cb47da604500fc6c597be261926c07.exe

Filesize
59KB

MD5
5e9d2fccad3b9edbc0a8ab0fe1e5e510

SHA1
4f74227b71e570f57e0bf611de8fe2b73cd3aba3

SHA256
ba7cd3c2ef37746576ea934fbbfe6ce0f659977f604cb6528e642e6d82e60ff7

SHA512
8e5ae33075564851f1534767558b1be79894858a912e5f53b00c98ad38e46bcdd17e225e32acea78b634221b506a312185ea155faaac976642c6fc8ed352f035

Download Submit
memory/3060-107-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download
memory/3060-355-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads