Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/05/2024, 19:58 UTC

General

  • Target

    267a4c85d232e2ac38129146e11076fe_JaffaCakes118.exe

  • Size

    625KB

  • MD5

    267a4c85d232e2ac38129146e11076fe

  • SHA1

    1e8022b879ee79f2fe86ecac410a116b05ac0112

  • SHA256

    861b6c9421ebe142f5a3c13817190ab30b5b7b5e68692e886639589b784086e4

  • SHA512

    793acc93adfe3c116674bf0ab4122ebe41335dd525034ca78f5f59408976fe62a27ce98a9cbebffa476186324447083f59ecdfa210fac4f872476adedb911567

  • SSDEEP

    12288:iSJcHRFHvJTjucJ71RXKvGgKsfUReclQ42dFA3ADj6Dl18WlL0u:2RFHv5jDJDNmKlQ1dFAr0x

Score
10/10

Malware Config

Extracted

Family

limerat

Wallets

359Z6KxMenwvgkA7vpGeBtinJPTj5raZz8

Attributes
  • aes_key

    arglobal

  • antivm

    false

  • c2_url

    https://pastebin.com/raw/CV5RHE9G

  • delay

    3

  • download_payload

    true

  • install

    false

  • install_name

    Wservices.exe

  • main_folder

    AppData

  • payload_url

    http://23.249.161.100/zaher/zna.exe

  • pin_spread

    false

  • sub_folder

    \vbc\

  • usb_spread

    false

Extracted

Family

limerat

Attributes
  • antivm

    false

  • c2_url

    https://pastebin.com/raw/CV5RHE9G

  • download_payload

    false

  • install

    false

  • pin_spread

    false

  • usb_spread

    false

Signatures

  • LimeRAT

    Simple yet powerful RAT for Windows machines written in .NET.

  • Drops startup file 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs
  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\267a4c85d232e2ac38129146e11076fe_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\267a4c85d232e2ac38129146e11076fe_JaffaCakes118.exe"
    1⤵
    • Drops startup file
    • Suspicious use of SetThreadContext
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
      2⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:2348

Network

  • flag-us
    DNS
    pastebin.com
    RegAsm.exe
    Remote address:
    8.8.8.8:53
    Request
    pastebin.com
    IN A
    Response
    pastebin.com
    IN A
    104.20.4.235
    pastebin.com
    IN A
    172.67.19.24
    pastebin.com
    IN A
    104.20.3.235
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:16 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: MISS
    Server: cloudflare
    CF-RAY: 880c077fcd074189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:18 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 2
    Server: cloudflare
    CF-RAY: 880c078cec304189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:22 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 6
    Server: cloudflare
    CF-RAY: 880c07a51a0e4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:23 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 7
    Server: cloudflare
    CF-RAY: 880c07aa3a814189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:23 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 7
    Server: cloudflare
    CF-RAY: 880c07acbe3a4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:24 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 8
    Server: cloudflare
    CF-RAY: 880c07b20f1b4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:25 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 9
    Server: cloudflare
    CF-RAY: 880c07b8a8cc4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:26 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 10
    Server: cloudflare
    CF-RAY: 880c07bc0e554189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 13
    Server: cloudflare
    CF-RAY: 880c07d198884189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 13
    Server: cloudflare
    CF-RAY: 880c07d2497b4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:32 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 16
    Server: cloudflare
    CF-RAY: 880c07e518634189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:34 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 18
    Server: cloudflare
    CF-RAY: 880c07efb9ac4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:37 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 21
    Server: cloudflare
    CF-RAY: 880c0800fd204189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:39 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 23
    Server: cloudflare
    CF-RAY: 880c0812a8a14189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:41 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 25
    Server: cloudflare
    CF-RAY: 880c081c7fbe4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:42 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 26
    Server: cloudflare
    CF-RAY: 880c08244d394189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:46 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 30
    Server: cloudflare
    CF-RAY: 880c083e2d5b4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:47 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 31
    Server: cloudflare
    CF-RAY: 880c083f2eee4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:50 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 34
    Server: cloudflare
    CF-RAY: 880c08578c584189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:54 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 38
    Server: cloudflare
    CF-RAY: 880c086d58364189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:55 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 39
    Server: cloudflare
    CF-RAY: 880c08712e7d4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:55 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 39
    Server: cloudflare
    CF-RAY: 880c08737a3b4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 19:59:58 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 42
    Server: cloudflare
    CF-RAY: 880c088408354189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:03 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 47
    Server: cloudflare
    CF-RAY: 880c08a37c5c4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:03 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 47
    Server: cloudflare
    CF-RAY: 880c08a89d034189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:07 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 51
    Server: cloudflare
    CF-RAY: 880c08bda9a64189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:10 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 54
    Server: cloudflare
    CF-RAY: 880c08d39fa24189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:14 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 58
    Server: cloudflare
    CF-RAY: 880c08e99ca34189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:18 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 62
    Server: cloudflare
    CF-RAY: 880c09040f644189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:22 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 66
    Server: cloudflare
    CF-RAY: 880c091cef634189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:25 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 69
    Server: cloudflare
    CF-RAY: 880c0930e9db4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:28 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 72
    Server: cloudflare
    CF-RAY: 880c09417e6f4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:28 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 72
    Server: cloudflare
    CF-RAY: 880c0944cc9e4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:29 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 73
    Server: cloudflare
    CF-RAY: 880c094789b04189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:32 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 76
    Server: cloudflare
    CF-RAY: 880c095cff954189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:37 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 80
    Server: cloudflare
    CF-RAY: 880c097729324189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:41 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 85
    Server: cloudflare
    CF-RAY: 880c099378cc4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:42 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 86
    Server: cloudflare
    CF-RAY: 880c099c3ff14189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:44 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 88
    Server: cloudflare
    CF-RAY: 880c09a85cea4189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:49 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 93
    Server: cloudflare
    CF-RAY: 880c09c7ead14189-LHR
  • flag-us
    GET
    https://pastebin.com/raw/CV5RHE9G
    RegAsm.exe
    Remote address:
    104.20.4.235:443
    Request
    GET /raw/CV5RHE9G HTTP/1.1
    Host: pastebin.com
    Response
    HTTP/1.1 404 Not Found
    Date: Wed, 08 May 2024 20:00:51 GMT
    Content-Type: text/html; charset=UTF-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    x-frame-options: DENY
    x-frame-options: DENY
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1;mode=block
    x-xss-protection: 1;mode=block
    cache-control: public, max-age=1801
    CF-Cache-Status: HIT
    Age: 95
    Server: cloudflare
    CF-RAY: 880c09cf8fd64189-LHR
  • 23.249.161.100:80
    RegAsm.exe
    152 B
    3
  • 104.20.4.235:443
    https://pastebin.com/raw/CV5RHE9G
    tls, http
    RegAsm.exe
    11.5kB
    67.1kB
    133
    126

    HTTP Request

    GET https://pastebin.com/raw/CV5RHE9G

    HTTP Response

    404

  • 8.8.8.8:53
    pastebin.com
    dns
    RegAsm.exe
    58 B
    106 B
    1
    1

    DNS Request

    pastebin.com

    DNS Response

    104.20.4.235
    172.67.19.24
    104.20.3.235

MITRE ATT&CK Enterprise v15

Downloads

