Analysis Overview
SHA256
8ac21fd5101245c481930e8a5adafb8d2a6b96ba54c5f43cab187059835aa5f9
Threat Level: Known bad
The file ab23d03dcf23220295648cfb245d2d6d was found to be: Known bad.
Malicious Activity Summary
RedLine payload
SectopRAT
SectopRAT payload
RedLine
Suspicious use of SetThreadContext
Unsigned PE
Program crash
Suspicious use of WriteProcessMemory
Suspicious use of UnmapMainImage
MITRE ATT&CK Matrix
Analysis: static1
Detonation Overview
Reported
2024-02-28 05:41
Signatures
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-02-28 05:41
Reported
2024-02-28 05:44
Platform
win7-20240221-en
Max time kernel
150s
Max time network
154s
Command Line
Signatures
RedLine
RedLine payload
SectopRAT
SectopRAT payload
Suspicious use of SetThreadContext
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe
"C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe"
Network
| Country | Destination | Domain | Proto |
| US | 135.148.139.222:1494 | | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-02-28 05:41
Reported
2024-02-28 05:44
Platform
win10v2004-20240226-en
Max time kernel
152s
Max time network
157s
Command Line
Signatures
RedLine
RedLine payload
SectopRAT
SectopRAT payload
Suspicious use of SetThreadContext
Program crash
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe
"C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 3880 -ip 3880
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3880 -s 12
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 528 -p 1756 -ip 1756
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1756 -s 12
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 2912 -ip 2912
C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe
C:\Users\Admin\AppData\Local\Temp\ab23d03dcf23220295648cfb245d2d6d.exe
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2912 -s 12
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 180.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 138.91.171.81:80 | | tcp |
| US | 8.8.8.8:53 | 41.110.16.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 135.148.139.222:1494 | | tcp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.134.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 173.178.17.96.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.73.42.20.in-addr.arpa | udp |
Files