c6a916c33096cd488ca57c28863c433cf5279128aa50ea156761bab6444f4937

Analysis

max time kernel
284s
max time network
256s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24-02-2024 11:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

MalwareCollection-master/Ransomware/Ransomware.NoMoreRansom.zip
Size

916KB
MD5

032f198b7b5d9553ba2e7bf34d9f33c0
SHA1

23bb43f6991b59516b20ed7d07cc55879a9192f2
SHA256

a1a0c26a3976bd07fae54519d2ca62818987ddcb7ae8dd44cebc710c1928548b
SHA512

92f9f0dfce9b48602d87d86d6e73f308573168a01e851982d1a0a0baa76568495b5815a3ed11928463db5f5aa8b6d0b685968588eb75ef9624ae5b9355922788
SSDEEP

24576:whK+SCleARYrlhgOZiapPMOiwtCd8BvABnU0FJtjVcW7:whVSCRAhgMia+OFnFAVtpZ7

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 4 IoCs

adware spyware

Modify Registry

T1112

Processes:

explorer.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\Software\Microsoft\Internet Explorer\Toolbar	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	explorer.exe

Modifies registry class 64 IoCs

Processes:

explorer.exe

description	ioc	process
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-101#immutable1 = "Customize your mouse settings, such as the button configuration, double-click speed, mouse pointers, and motion speed."	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Vid = "{65F125E5-7BE1-4810-BA9D-D271C8432CE3}"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\IconSize = "48"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\HotKey = "0"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\ShowCmd = "1"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-2#immutable1 = "Recovery"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-2000#immutable1 = "View and manage devices, printers, and print jobs"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption."	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupView = "0"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:PID = "0"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-1#immutable1 = "AutoPlay"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\DeviceCenter.dll,-1000#immutable1 = "Devices and Printers"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\IconSize = "48"	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-100#immutable1 = "Mouse"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-160#immutable1 = "Uninstall or change programs on your computer."	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\Mode = "1"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-3#immutable1 = "Region"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games."	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\NodeSlot = "1"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\Microsoft.Windows.ControlPanel\WFlags = "0"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music."	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\LogicalViewMode = "3"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-51#immutable1 = "Date and Time"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Rev = "0"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "2"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\GroupByKey:PID = "0"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-159#immutable1 = "Programs and Features"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-2#immutable1 = "Keep a history of your files"	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	explorer.exe
Key created	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-1#immutable1 = "Power Options"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections"	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874385"	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials."	explorer.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\GroupByDirection = "1"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-2#immutable1 = "Change user account settings and passwords for people who share this computer."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-2#immutable1 = "Check network status, change network settings and set preferences for sharing files and printers."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\2\Shell\{0C3794F3-B545-43AA-A329-C37430C58D2A}\Vid = "{0057D0E0-3573-11CF-AE69-08002B2E1262}"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12123#immutable1 = "Set firewall security options to help protect your computer from hackers and malicious software."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7"	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History"	explorer.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = ffffffff	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\intl.cpl,-2#immutable1 = "Customize settings for the display of languages, numbers, times, and dates."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate."	explorer.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-910440534-423636034-2318342392-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software."	explorer.exe

Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes:

explorer.exe

pid process

3660 explorer.exe
Suspicious use of AdjustPrivilegeToken 2 IoCs

Processes:

explorer.exe

description pid process

Token: SeShutdownPrivilege 3660 explorer.exe
Token: SeCreatePagefilePrivilege 3660 explorer.exe
Suspicious use of FindShellTrayWindow 2 IoCs

Processes:

explorer.exe

pid process

3660 explorer.exe
3660 explorer.exe

pid	process
3660	explorer.exe

description	pid	process
Token: SeShutdownPrivilege	3660	explorer.exe
Token: SeCreatePagefilePrivilege	3660	explorer.exe

pid	process
3660	explorer.exe
3660	explorer.exe

Suspicious use of WriteProcessMemory 2 IoCs

Processes:

explorer.exe

description	pid	process	target process
PID 3660 wrote to memory of 2008	3660	explorer.exe	rundll32.exe
PID 3660 wrote to memory of 2008	3660	explorer.exe	rundll32.exe

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\MalwareCollection-master\Ransomware\Ransomware.NoMoreRansom.zip
1⤵
PID:2576

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:3660

C:\Windows\System32\rundll32.exe
"C:\Windows\System32\rundll32.exe" C:\Windows\System32\shell32.dll,Options_RunDLL 0
2⤵
PID:2008

C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
1⤵
PID:2592

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4064

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads