Overview

overview

10

Static

static

10

2024-03-27...er.exe

windows7-x64

9

2024-03-27...er.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    150s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2024, 20:38 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-03-27_8450f8a335a9b48f72e854364004d030_cryptolocker.exe

  • Size

    66KB

  • MD5

    8450f8a335a9b48f72e854364004d030

  • SHA1

    18882ad8e2a84bfcf55faf5a8d40f20ba9ee79bf

  • SHA256

    344f23d14158fe1de2b1e164833f75879bfb53cdf94952b13913e9ae79e4a1d9

  • SHA512

    72a8b8d8c3e561d83c86921acc369501a9a43a6bd4e732680e3aff4b48856f71e853a8768138c889cd2df0b96390edf665e02bd60fd76ffd8fd38727365ff10f

  • SSDEEP

    1536:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZszudnYTjipvF293vaRLDs:aq7tdgI2MyzNORQtOflIwoHNV2XBFV7x

Score
9/10

Malware Config

Signatures

  • Detection of CryptoLocker Variants 1 IoCs
  • Detection of Cryptolocker Samples 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-03-27_8450f8a335a9b48f72e854364004d030_cryptolocker.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-03-27_8450f8a335a9b48f72e854364004d030_cryptolocker.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1108
    • C:\Users\Admin\AppData\Local\Temp\hurok.exe
      "C:\Users\Admin\AppData\Local\Temp\hurok.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2816

Network

  • flag-us
    DNS
    gemlttwi.com
    hurok.exe
    Remote address:
    8.8.8.8:53
    Request
    gemlttwi.com
    IN A
    Response
    gemlttwi.com
    IN A
    192.185.35.56
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     92 B
     4
    2
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     179 B
     5
    4
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    439 B
     219 B
     6
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    236 B
     132 B
     5
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    445 B
     219 B
     6
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    439 B
     219 B
     6
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 8.8.8.8:53
    gemlttwi.com
    dns
    hurok.exe
    58 B
     74 B
     1
    1

    DNS Request

    gemlttwi.com

    DNS Response

    192.185.35.56

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\hurok.exe
    Filesize

    66KB

    MD5

    0f821042daf78c67f53527d539934c3f

    SHA1

    47ea2e2f9964d4438c806f00a411c12dc625b3c6

    SHA256

    dde40eb7e607c9043d3b62f475f80033ccf65807710209e6e2fa36faa7e6926d

    SHA512

    57a3a131d5e6bc77f65f2a879f6bba8a20b27acb9ed592323d99dbdb2af5758fea1777fa98cbdcffd73858a5d4a67614c86d5bdde80e735cb97694b0d7338730

    Download Submit

  • memory/1108-0-0x0000000000230000-0x0000000000236000-memory.dmp

    Filesize

    24KB

    Download

  • memory/1108-2-0x0000000000400000-0x0000000000406000-memory.dmp

    Filesize

    24KB

    Download

  • memory/1108-1-0x0000000000230000-0x0000000000236000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2816-19-0x0000000000390000-0x0000000000396000-memory.dmp

    Filesize

    24KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.