Resubmissions
05/05/2024, 12:38
240505-pvjrsaab9v 105/05/2024, 12:38
240505-pvcngadd98 105/05/2024, 12:37
240505-ptxbgsab7z 105/05/2024, 12:34
240505-pr8lqsab3v 405/05/2024, 12:31
240505-pp6z5adc83 405/05/2024, 12:27
240505-pm3jxsdc27 8Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240419-en -
resource tags
-
submitted
05/05/2024, 12:27
General
-
Target
https://cdn.discordapp.com/attachments/1236487314679533629/1236640184204791868/Netflix_Cookies.rar?ex=6638be6b&is=66376ceb&hm=1df14c01527bfb5c34add0f08f6cf112f53f9576a154dce1076aaf3a42883ab8&
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 1 IoCs
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Modifies registry class 57 IoCs
-
NTFS ADS 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 20 IoCs
-
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 24 IoCs
-
Suspicious use of FindShellTrayWindow 57 IoCs
-
Suspicious use of SendNotifyMessage 24 IoCs
-
Suspicious use of SetWindowsHookEx 6 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://cdn.discordapp.com/attachments/1236487314679533629/1236640184204791868/Netflix_Cookies.rar?ex=6638be6b&is=66376ceb&hm=1df14c01527bfb5c34add0f08f6cf112f53f9576a154dce1076aaf3a42883ab8&1⤵
- Enumerates system info in registry
- Modifies registry class
- NTFS ADS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdba2546f8,0x7ffdba254708,0x7ffdba2547182⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:22⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:32⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2580 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3364 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5220 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5668 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6428 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6096 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3392 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3428 /prefetch:82⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6000 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3704 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3028 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4508 /prefetch:82⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6684 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Users\Admin\Downloads\winrar-x64-701b1.exe"C:\Users\Admin\Downloads\winrar-x64-701b1.exe"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6596 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6564 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5468 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6444 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6716 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1928 /prefetch:82⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1400 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7132 /prefetch:12⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2040,7960841306331548865,1213310793838618584,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6824 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵
-
C:\Windows\system32\NOTEPAD.EXE"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Netflix_Cookies\[Premium - Premium] [[email protected]].txt1⤵
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
152B
MD58b2290ca03b4ca5fe52d82550c7e7d69
SHA120583a7851a906444204ce8ba4fa51153e6cd494
SHA256f9ff4871fc5317299de907489d466e630be63d698c8f7cb77cc81faddbecc6d2
SHA512704ec8122cc1c263dff67ddbb5c20ee0db8a438674d716bc3be5b266ee5629a219b0049d721f9eb2dd8f2d8fda0163659eaa4d3e1f0a6e9072a8ffb92bb2b25d
-
Filesize
152B
MD5919c29d42fb6034fee2f5de14d573c63
SHA124a2e1042347b3853344157239bde3ed699047a8
SHA25617cd6de97a0c020cb4935739cfef4ec4e074e8d127ac4c531b6dc496580c8141
SHA512bb7eadd087bbcec8b1b8a49b102b454333f2f9708d36b6ffc3c82fdc52e46873398d967238c3bfe9ac6caef45b017a5fe3938ebf5f3053e4ef9be7b2752b563d
-
Filesize
64KB
MD5d6b36c7d4b06f140f860ddc91a4c659c
SHA1ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA25634013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA5122a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487
-
Filesize
67KB
MD5d2d55f8057f8b03c94a81f3839b348b9
SHA137c399584539734ff679e3c66309498c8b2dd4d9
SHA2566e273f3491917d37f4dbb6c3f4d3f862cada25c20a36b245ea7c6bd860fb400c
SHA5127bcdbb9e8d005a532ec12485a9c4b777ddec4aee66333757cdae3f84811099a574e719d45eb4487072d0162fa4654349dd73705a8d1913834535b1a3e2247dc6
-
Filesize
19KB
MD576a3f1e9a452564e0f8dce6c0ee111e8
SHA111c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274
-
Filesize
37KB
MD5ad41c0bf481fc026fb5dd7bc5d42a587
SHA18d76e29ea2a0756681e4a018d06b941fc690c4fd
SHA2562205a91208045c5071d38404e02305882d7920beeb6ac0aa56f52e63bd30eae8
SHA512649bd4b3c4858566d6862a276d595b75b4ac8489559df676cf4275edfc6073013b9880dd59c12a43aba9c878542bb232e13188c9c74d46092cbba31dc49d63d7
-
Filesize
65KB
MD556d57bc655526551f217536f19195495
SHA128b430886d1220855a805d78dc5d6414aeee6995
SHA256f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA5127814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb
-
Filesize
88KB
MD5b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1386ba241790252df01a6a028b3238de2f995a559
SHA256b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16
-
Filesize
1.2MB
MD55ab2d1f8cd709d40a8ea424bb51be98e
SHA15423cdf5c8eb1f57c0c330617cf2277b1283b6b4
SHA256bfda89ab36691c4c6e8e8db2ee2b4bdccdb4d624410d97889f82c31d176facea
SHA512912b41117f1603d903848822ad61bea5f9561c95049c1c689cb36be40f2cb58f7cc92fae4fd8b47297a127e816c657afa7bbbb3c087c21d80d9bc31639237dc3
-
Filesize
2KB
MD57acb4af6f749e9bfc03b961204018cfa
SHA1a87cfdea6745ab4aeb9599b20b07450144e3b6db
SHA2565859b3a1ce5ba441cc035be350fbd822c9d934d3faf268d5a07c78e11b8fd2e5
SHA512ff7e821f318b7f221dd6cfdaf2a2336b08cc501f2bd43f0dc89dc99fd2c97922980f8c0262f6e106a8707602e960899bdb87c6c2e3157a87d2b7e989c7d00f86
-
Filesize
1KB
MD5c4dd78207eee91f260d01ec47fc64147
SHA1d82e7da64f3adbfb04c7c9819908fbb5e575e24d
SHA256fe53999453d6e4203730283fdb841ea069c0f952608a982ebcd5a47d12e5ca93
SHA512838186e96fd11aeb5222f459aa53feeb850b3c33a927f401c8f302e7e249ac349600d30ea8bc7cf681778bea8a54c767df496d86bded4d996f936aeeec90a13a
-
Filesize
913B
MD58ac527e74be19e8901f7615d215dd242
SHA15a3bdb2710880e6873d6a8c019fd7d60a5a21e72
SHA256a79a2b8b9e2aa27549633607897643c6e344cc1c86b67a0ecf4df6dacf6d4198
SHA5126f919c5d7d1f4aee15e9d4ece03f9fa4268d54d1f20cacd41bee1fabe2981da360193c431d885cee77a2f2723c9f84013f2876f907d93fce628f2eadf0d3ec55
-
Filesize
7KB
MD5bee084c224d7d0731e637b7b128f3516
SHA1800b8f8f04f93e153ed8a8a70975e01f3d63107a
SHA256d6adf0f6b0a4ccc903126b4e0fe5ed8f658b5ea95a16d4ee07ec6a0d8e6de3c6
SHA512936af6a131a6ffffb508da1d0d518e6e5eb5dc691f4352d24e455303b9114f179d2230b767c3ff35a6900aa9f18bc4bdbd1d07267d88ff9bfe9baf9aa4bab083
-
Filesize
5KB
MD5019097d8d5c5d6efbf4c9dd91c5889ea
SHA161764deb0884377469057510a8ff0b1940a5f9a2
SHA25612bf52ef48eecd8d49cd1d53a1cf29b515faa82259a7219588ca9936b90ea912
SHA5120713846e3b7acb0eadad96c770ee50285fc353dc896f91631ebb7a1bc4660584c05ff47a52af25d50cdffe8640809258f6c5db0c94d996e6bc7d0997672903b3
-
Filesize
6KB
MD5056e72effb0a31b1dfc511496f492756
SHA1a99ab57a8233535d8d3038b5d73ad32cf698cf0a
SHA2564ba67c67770be83c37d18c186024c5380cc406c19f249fa592285daa3efd4358
SHA512525c5965223d74ff44630995e0574a874dd87b22fcf5d8212f2b61ccb7103cf55b502d661bc54b58b101a86626295fc607fd899c3b7a96030bd21ee55094530d
-
Filesize
6KB
MD5e4a1167d6d9ce0941df0e4fafa9ac584
SHA1e3280f667bedbb27cb547989f1df0a19804dff3f
SHA25681ccc369a291c254da213229cea9fddf8578a7e056cdbd80561cee37a858e1fb
SHA5123b2060a7b1bfd237fdccf156e59fefab5d753f7147b512c44bba6fa769d667b218abcdee56f72ebe7698ca05b97ae174193a0ab59ae5e597e285e99168fef9f5
-
Filesize
6KB
MD523f30d46f2ce56b6fe72c1af96f7618c
SHA156635f4ab34208e04aae660dd63c2d87a04ced59
SHA256a39804d88cf79d1cde09653712624679b13df845a5accec84e8d92f01aa54d3b
SHA5126ea236b5c3eb6690c3a35d2ef467bccf653a0b3fee73216cd3f78489dac62b4ae2f220a283e48a16822ab811dbb8a0bf938c484497f1af85dad0c2d1e180e542
-
Filesize
7KB
MD5428577762d7d3f99e9858177f5aaae93
SHA1c00069bee13700c88355307074b935672f4ba0e5
SHA25602665c7d9eb0c2b67ed2c4057e617678c8c604a456b5abaf571060e03fa89afa
SHA512ddd7e20284c30727f74e414ec8c958dd96da1b1b6fde41f0687305448ec3215c12f15a4ee6950190d4ab8b9c9a01b761883b4cd5f407efa52b4fe5e360dff568
-
Filesize
705B
MD557844737ba4f82e916da8fd18b8afe73
SHA16fc10c83dc6f9ffd9fb994eb3cc3bfa5d758f7fe
SHA2562df7e475f62fb0a59bd986195b89fb40c3fe39dbba5f53d42d25846a1c04a479
SHA512216317ee0040229dc3aed09bbe14ef3336d19c789c72f094f822e91644104c9dd7de345a72edf142ffef005098a66c7f11946b6d7a3e458e768c23639b54162f
-
Filesize
705B
MD57bd6db77f94e362945cbe82fc1b71bca
SHA1f417d41e17d0e65d986350ed6790479522f54912
SHA256fd6b065f29ced73badd7593255bd807cf44da760dfb64254f54e0082ecfb717d
SHA512ac4302043ceb05f0aa024a2ff347c0b93657ab92c3bed2acbaf8773bd55cbe42e99da48be45b3abae2df0a0f736db951d59f4967261e3c65c30694e407b189f8
-
Filesize
705B
MD507535ffad5a55391c22cf6dc09647459
SHA123d23f97e5024a7e404fd958fc8cb9352c17e0d8
SHA256317fb5ddfe4af61062368dbee4133497f892edffcc7fe990d6b3d9d609384ba9
SHA5124a7fedda10e568fc3dbc18e8b9d812543cb59139b4fcbfafc602eaef734ed772982b3051fc60b096b7c608ade10acf27ddf70d6ce342f989f33823ab34db64a3
-
Filesize
705B
MD582d257f081831d1a74a54d0248057002
SHA1fde92df2401c85f16f458442a616a356c9d77c6b
SHA256ee325d25030d4b3431d1c64d3ae2a0a5ac11b30bb1b6ee190fe34088baacacad
SHA512c9cbd27d7cb279cf179f449c4ac4ebca12e3e8bc75aacc2bd5e271faae6e030bb9d13014c3910250d040fadb720fd987168f2b0bcf8dda2a045d156e9df98e2c
-
Filesize
538B
MD58e3c6d5b32a7dcc3016eb797637cb0be
SHA132d1f54814512b8e2030e0068c5914be10cf6db1
SHA256f73b8bf3e95e7d90ab3a790751d75802751c610693108e28474d5bb63bc81a01
SHA5127c012a6ff888d2eb96481fbd231b4aa78d9d7d102330c32304f2205f2aea4d3b409004b44fd5a61916614e19766550cf9bdb4efd6e11ec538d9f8337399f9f89
-
Filesize
16B
MD56752a1d65b201c13b62ea44016eb221f
SHA158ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA2560861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA5129cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389
-
Filesize
12KB
MD57a77d14776b894a4f4ec836d9e01671f
SHA120fe8a24f720b76810be7fac19e8c8f908252ba1
SHA256d73696665a8da26b6f3558e74312b9a528da84e40de05afe28f18dc928169a7a
SHA51234cee2a9bdef65e50a26abb4551618e7c3b7784236b23653aa6ab6056ddfb148a0798de0208370f956a08d56e8cf4b8ce517ca597bdc3ba9845c360f63035b01
-
Filesize
11KB
MD5bf92ba6e0118540319c30d280a2b9031
SHA1b9f4dc98ff73b737722416c604ddf1f1952fcd02
SHA2565a6466b763656fd9a3bd04b627a12045c69b213b334c60fdff2591011eeb8995
SHA512e5ed06066785abcd581b82bb4a97ec5827cb7e6ab55e941fc533fe8577930fa5e6bf6f8c856d8103275e166bc25530371594e692f3d6254985e104f9d5e20e79
-
Filesize
11KB
MD56f778b895a44b4b8842f15fb500a3887
SHA134e6b46659b09eecda72b71bb392e9a8ade336ff
SHA25630cbf820cfe0142d70a7a667f65c10800938b8820fe28a9a9b48ec717a84a273
SHA512a346510b873924b084c8107ae9d0bd60a018bdfcb904adb1c9f87286786a1c1cd5f134a08113ba28de62884212a93cfee367d65b54fdb8a6c0d875409a52c476
-
Filesize
12KB
MD5637b0e6703e388c4bfa763aafc27f239
SHA19f3558457461de8acc79e9fcced349ecd16c8f18
SHA256e59a14486bafcbb8de2cf7cf7e77f2e1df80531d1f896e8172aab751fa90e930
SHA51229d2edbce49d706e16267f446df26e32bc870143bce5d0e69170eca57e712b3a3192579e54383ca0283180e2d247348bbe7b692138542c32d189b7590d86d0f7
-
Filesize
1KB
MD534f045260931889fb270f52caf4765f2
SHA1d352360589a491ec8e568a65e0489439be23389b
SHA25671d7e615d61db61da06184d36746af9d701ccc67da0ab3fd321a4b1f73f9a6f6
SHA512bd87246dcd11a74e7007698239f21c1cfff6288cd21a1e5add16876d4bce98bf57f61096a0b6678a151f44105b0603d3a9377c89b261b8f150453eea9ec9c10d
-
Filesize
3.7MB
MD58c80e9a6c80f878dbbbb84c0eeb06841
SHA1776c1ebfefd195cdd974c7da149fd9335ef03684
SHA2568249444b8ec33512027cde2bd6edb51bea9e9b4f35c4b261319d7a52d3befffc
SHA5122032fcb28818c44e478ce4d73b76454ff50bd7ff67371b6de3b60978a3474f5dbf135d37b92f4d960c7a9bb95b594590f5beb385fddd0d49aeeca4e817028863