Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

5

Dropped Ma...2f.exe

windows11-21h2-x64

Dropped Malware/1.exe

windows11-21h2-x64

Dropped Ma...29.exe

windows11-21h2-x64

10

Dropped Ma...89.xls

windows11-21h2-x64

1

Dropped Ma...df.exe

windows11-21h2-x64

8

Dropped Ma...er.exe

windows11-21h2-x64

10

Dropped Ma...df.exe

windows11-21h2-x64

8

Dropped Ma...00.exe

windows11-21h2-x64

7

Dropped Ma...DF.bat

windows11-21h2-x64

8

Dropped Ma...61.exe

windows11-21h2-x64

10

Dropped Ma...df.exe

windows11-21h2-x64

10

Dropped Ma...89.xls

windows11-21h2-x64

1

Dropped Ma...df.exe

windows11-21h2-x64

8

Dropped Ma...df.exe

windows11-21h2-x64

5

Dropped Ma...00.vbs

windows11-21h2-x64

8

Dropped Ma...df.exe

windows11-21h2-x64

8

Dropped Ma...B).vbs

windows11-21h2-x64

10

Dropped Ma...df.exe

windows11-21h2-x64

3

Analysis

  • max time kernel
    299s
  • max time network
    298s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    03/07/2024, 23:01 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Dropped Malware/BNP DOC 12578945329763-7633562829.exe

  • Size

    2.1MB

  • MD5

    864ec5148797f4e02d42e1bccd9a6fe7

  • SHA1

    bc0a0146ef1d4fbab0b1a75c82cc45bbd94b4f2f

  • SHA256

    0ec61eda09a5b90027808d2295a193eb7a8e81d440e5460d00a69328c2f9ee81

  • SHA512

    13e2bc609ac3fe021b39ffb783d7dda07eb5028752cc22c4adf0363b23624c92618b83b913e95bbc8c854341eb2fc8be5bf6903699031623a8a50b167b593f49

  • SSDEEP

    49152:nOD+bTI6YTDml4HJPHDQkOBU0f9iygcrxZ3aU5ZNIrRo2ht1W1cvkN8TCiJ5QtbF:Gv85wDJ5QtB

Score
10/10
remcos1218202300rat

Malware Config

Extracted

Family

remcos

Botnet

1218202300

C2

softwareupdatexkwre.duckdns.org:45682

Attributes
  • audio_folder

    MicRecords

  • audio_record_time

    5

  • connect_delay

    0

  • connect_interval

    1

  • copy_file

    remcos.exe

  • copy_folder

    Remcos

  • delete_file

    false

  • hide_file

    false

  • hide_keylog_file

    false

  • install_flag

    false

  • keylog_crypt

    false

  • keylog_file

    logs.dat

  • keylog_flag

    false

  • keylog_folder

    remcos

  • mouse_option

    false

  • mutex

    hdgd-8HWPTM

  • screenshot_crypt

    false

  • screenshot_flag

    false

  • screenshot_folder

    Screenshots

  • screenshot_path

    %AppData%

  • screenshot_time

    10

  • startup_value

    Remcos

  • take_screenshot_option

    false

  • take_screenshot_time

    5

Signatures

  • Remcos

    Remcos is a closed-source remote control and surveillance software.

    ratremcos
  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Dropped Malware\BNP DOC 12578945329763-7633562829.exe
    "C:\Users\Admin\AppData\Local\Temp\Dropped Malware\BNP DOC 12578945329763-7633562829.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe"
      2⤵
        PID:3660

    Network

    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    • flag-us
      DNS
      softwareupdatexkwre.duckdns.org
      installutil.exe
      Remote address:
      8.8.8.8:53
      Request
      softwareupdatexkwre.duckdns.org
      IN A
    No results found
    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      330 B
       5

      DNS Request

      8.8.8.8.in-addr.arpa

      DNS Request

      8.8.8.8.in-addr.arpa

      DNS Request

      8.8.8.8.in-addr.arpa

      DNS Request

      8.8.8.8.in-addr.arpa

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      385 B
       5

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    • 8.8.8.8:53
      softwareupdatexkwre.duckdns.org
      dns
      installutil.exe
      308 B
       4

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

      DNS Request

      softwareupdatexkwre.duckdns.org

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3660-0-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/3660-1-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/3660-2-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/3660-3-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/3660-4-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/3660-5-0x0000000000400000-0x000000000047F000-memory.dmp

      Filesize

      508KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.