hxxps://ghostproject[.]fr/

General

Target

https://ghostproject.fr/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607812093529931"	chrome.exe

Modifies registry class 1 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-540404634-651139247-2967210625-1000\{E27FCD22-030B-4071-AEF8-FA189877D4E1}	chrome.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

1424 chrome.exe
1424 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

Processes:

chrome.exe

pid process

1424 chrome.exe
1424 chrome.exe
1424 chrome.exe
1424 chrome.exe

Suspicious use of AdjustPrivilegeToken 60 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe
Token: SeShutdownPrivilege	1424	chrome.exe
Token: SeCreatePagefilePrivilege	1424	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe
1424	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 1424 wrote to memory of 3748	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3748	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 2200	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 4216	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 4216	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe
PID 1424 wrote to memory of 3092	1424	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ghostproject.fr/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1424

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff54f8ab58,0x7fff54f8ab68,0x7fff54f8ab78
2⤵
PID:3748

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:2
2⤵
PID:2200

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:8
2⤵
PID:4216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2216 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:8
2⤵
PID:3092

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:1
2⤵
PID:4772

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:1
2⤵
PID:4484

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4456 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:1
2⤵
PID:1580

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4172 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:8
2⤵
PID:4424

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:8
2⤵
- Modifies registry class
PID:4544

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4892 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:1
2⤵
PID:4296

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:8
2⤵
PID:836

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4312 --field-trial-handle=1904,i,8740199211648058377,1131396855659310219,131072 /prefetch:8
2⤵
PID:1192

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:2968

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
864B

MD5
5ef43852f4f8447fa3929952e1fed6b2

SHA1
2e2387e899f527c2caf48ec03adb540800254169

SHA256
e32adbf477f698ad46e1b69aef9321d950e91ae93381cbdb961f1049af5ef374

SHA512
17fa73c7695f4d3fa5e34f3939a1480c0858dbb91f23b569616db7283671f128626503f219cc5f78629bee35e77ffc2dfd300246b87ec04a9c88a6811b1b4f5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
800dce025b6cf423b69ec0b957ef0010

SHA1
4091b94d910c6165b1fc9da4a99b4e9a5e624caa

SHA256
68a41de515ddd60547cf7d629373e7f8dd02515ecb81c2013b87dbba573ede13

SHA512
0a76e36ae10bffc96610c151c7b5cc95a26c9d966a1e55c07169a6199e5ccb9fed29b578daee906377d75530b8225c9a5d710b9742505f58d57070dd95a648eb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a015320559b79632bfa83994f61a4efb

SHA1
1951aef96b618426f8c6d7860bf7a26e00c02d69

SHA256
68328dda1f82486edbc951b8d69c405fbbedda91d1a5c9b4598627c171216a21

SHA512
7c053eed298e66c29a2f62105cd2bd47dc15bf858c057330520481944aa29f756ad59951d1b143c406b7e75b56ebec079e1313831162a5456524f61b172bb0b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
94275bde03760c160b707ba8806ef545

SHA1
aad8d87b0796de7baca00ab000b2b12a26427859

SHA256
c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

SHA512
2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5742b6.TMP

Filesize
120B

MD5
88a76aee8e9873b2d9ed87a6c6086a7f

SHA1
f148665d26b8c68364f4fd089d7503db74e350ea

SHA256
cdf1ffb017a57fb16b869443b01e8485f42e7d24989cab8692d6bf2a762f5f8d

SHA512
9f59f52680e5f04056084ef71df0ceb46481fdae6a757ab3e3f7c25c05e40f2ea540c71491f35e285326b89004959a328d97065ecd9987cc2a339a255c30f47f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
021074156e04d195c23758e96539a4c3

SHA1
03e6c8bea27765ec82d01112eba1dd631a7a3b02

SHA256
dee2decbcfa5eed11f2cc9c901d51138c0381940c80694b4ed7187c0953715e8

SHA512
d453345b9c6d4a0bb09565ec80c9d1bd21620b1293f66c6cf75185ea4fdadb34aa8a1a0e6ecc2163b57bb95e993a869a317ac95c02a67e13e2a5dafc0c3abdb6

Download Submit
\??\pipe\crashpad_1424_GLDAVIRNJZJMQXGM

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads