Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

d84b4ffd93...18.dll

windows7-x64

10

d84b4ffd93...18.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/09/2024, 12:44 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d84b4ffd93cd5a2b5581a7d06965db3c_JaffaCakes118.dll

  • Size

    5.0MB

  • MD5

    d84b4ffd93cd5a2b5581a7d06965db3c

  • SHA1

    4864f857649abea6352752d9ffd2e966e41cae2e

  • SHA256

    11b03cfbbd729b24efca4977e03cc469079265ebdfd2811cc8626fd85c6a7ec5

  • SHA512

    fa8c6da6315b4b0d3a20fabc34d992afb9babc9ffc73ca53871fcbff856347f8ec25203936e13d4acac76d8489d2e3b5bf6f894cca4a4c07cd338cca9b74bc40

  • SSDEEP

    49152:SnAQqMSPbcBVWRdhnvxJM0H9aEau3R8yAH1plAH:+DqPoBUdhvxWa9n3R8yAVp2H

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Signatures

  • Wannacry

    WannaCry is a ransomware cryptoworm.

    ransomwarewormwannacry
  • Contacts a large (3317) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Executes dropped EXE 3 IoCs
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Drops file in Windows directory 2 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 3 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies data under HKEY_USERS 5 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d84b4ffd93cd5a2b5581a7d06965db3c_JaffaCakes118.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d84b4ffd93cd5a2b5581a7d06965db3c_JaffaCakes118.dll,#1
      2⤵
      • Drops file in Windows directory
      • System Location Discovery: System Language Discovery
      • Suspicious use of WriteProcessMemory
      PID:5064
      • C:\WINDOWS\mssecsvc.exe
        C:\WINDOWS\mssecsvc.exe
        3⤵
        • Executes dropped EXE
        • Drops file in Windows directory
        • System Location Discovery: System Language Discovery
        PID:4156
        • C:\WINDOWS\tasksche.exe
          C:\WINDOWS\tasksche.exe /i
          4⤵
          • Executes dropped EXE
          PID:1600
  • C:\WINDOWS\mssecsvc.exe
    C:\WINDOWS\mssecsvc.exe -m security
    1⤵
    • Executes dropped EXE
    • System Location Discovery: System Language Discovery
    • Modifies data under HKEY_USERS
    PID:4088

Network

  • flag-us
    DNS
    www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
    mssecsvc.exe
    Remote address:
    8.8.8.8:53
    Request
    www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
    IN A
    Response
    www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
    IN A
    104.16.167.228
    www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
    IN A
    104.16.166.228
  • flag-us
    GET
    http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/
    mssecsvc.exe
    Remote address:
    104.16.167.228:80
    Request
    GET / HTTP/1.1
    Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Date: Tue, 10 Sep 2024 12:44:30 GMT
    Content-Type: text/html
    Content-Length: 607
    Connection: close
    Server: cloudflare
    CF-RAY: 8c0f82852c33cd0d-LHR
  • flag-us
    GET
    http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/
    mssecsvc.exe
    Remote address:
    104.16.167.228:80
    Request
    GET / HTTP/1.1
    Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
    Cache-Control: no-cache
    Response
    HTTP/1.1 200 OK
    Date: Tue, 10 Sep 2024 12:44:31 GMT
    Content-Type: text/html
    Content-Length: 607
    Connection: close
    Server: cloudflare
    CF-RAY: 8c0f82867874948f-LHR
  • flag-us
    DNS
    8.8.8.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    8.8.8.8.in-addr.arpa
    IN PTR
    Response
    8.8.8.8.in-addr.arpa
    IN PTR
    dnsgoogle
  • flag-us
    DNS
    228.167.16.104.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    228.167.16.104.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    154.239.44.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    154.239.44.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    81.144.22.2.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    81.144.22.2.in-addr.arpa
    IN PTR
    Response
    81.144.22.2.in-addr.arpa
    IN PTR
    a2-22-144-81deploystaticakamaitechnologiescom
  • flag-us
    DNS
    75.159.190.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    75.159.190.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    58.55.71.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    58.55.71.13.in-addr.arpa
    IN PTR
    Response
  • DNS
    50.23.12.20.in-addr.arpa
    Request
    50.23.12.20.in-addr.arpa
    IN PTR
    Response
  • DNS
    198.187.3.20.in-addr.arpa
    Request
    198.187.3.20.in-addr.arpa
    IN PTR
    Response
  • DNS
    172.210.232.199.in-addr.arpa
    Request
    172.210.232.199.in-addr.arpa
    IN PTR
    Response
  • DNS
    65.55.216.44.in-addr.arpa
    Request
    65.55.216.44.in-addr.arpa
    IN PTR
    Response
    65.55.216.44.in-addr.arpa
    IN PTR
    ec2-44-216-55-65 compute-1 amazonawscom
  • DNS
    172.214.232.199.in-addr.arpa
    Request
    172.214.232.199.in-addr.arpa
    IN PTR
    Response
  • DNS
    141.194.34.34.in-addr.arpa
    Request
    141.194.34.34.in-addr.arpa
    IN PTR
    Response
    141.194.34.34.in-addr.arpa
    IN PTR
    1411943434bcgoogleusercontentcom
  • DNS
    1.194.34.34.in-addr.arpa
    Request
    1.194.34.34.in-addr.arpa
    IN PTR
    Response
    1.194.34.34.in-addr.arpa
    IN PTR
    11943434bcgoogleusercontentcom
  • DNS
    2.194.34.34.in-addr.arpa
    Request
    2.194.34.34.in-addr.arpa
    IN PTR
    Response
    2.194.34.34.in-addr.arpa
    IN PTR
    21943434bcgoogleusercontentcom
  • DNS
    3.194.34.34.in-addr.arpa
    Request
    3.194.34.34.in-addr.arpa
    IN PTR
    Response
    3.194.34.34.in-addr.arpa
    IN PTR
    31943434bcgoogleusercontentcom
  • DNS
    4.194.34.34.in-addr.arpa
    Request
    4.194.34.34.in-addr.arpa
    IN PTR
    Response
    4.194.34.34.in-addr.arpa
    IN PTR
    41943434bcgoogleusercontentcom
  • DNS
    5.194.34.34.in-addr.arpa
    Request
    5.194.34.34.in-addr.arpa
    IN PTR
    Response
    5.194.34.34.in-addr.arpa
    IN PTR
    51943434bcgoogleusercontentcom
  • DNS
    6.194.34.34.in-addr.arpa
    Request
    6.194.34.34.in-addr.arpa
    IN PTR
    Response
    6.194.34.34.in-addr.arpa
    IN PTR
    61943434bcgoogleusercontentcom
  • DNS
    7.194.34.34.in-addr.arpa
    Request
    7.194.34.34.in-addr.arpa
    IN PTR
    Response
    7.194.34.34.in-addr.arpa
    IN PTR
    71943434bcgoogleusercontentcom
  • DNS
    8.194.34.34.in-addr.arpa
    Request
    8.194.34.34.in-addr.arpa
    IN PTR
    Response
    8.194.34.34.in-addr.arpa
    IN PTR
    81943434bcgoogleusercontentcom
  • DNS
    9.194.34.34.in-addr.arpa
    Request
    9.194.34.34.in-addr.arpa
    IN PTR
    Response
    9.194.34.34.in-addr.arpa
    IN PTR
    91943434bcgoogleusercontentcom
  • DNS
    9.194.34.34.in-addr.arpa
    Request
    9.194.34.34.in-addr.arpa
    IN PTR
  • DNS
    10.194.34.34.in-addr.arpa
    Request
    10.194.34.34.in-addr.arpa
    IN PTR
    Response
    10.194.34.34.in-addr.arpa
    IN PTR
    101943434bcgoogleusercontentcom
  • DNS
    11.194.34.34.in-addr.arpa
    Request
    11.194.34.34.in-addr.arpa
    IN PTR
    Response
    11.194.34.34.in-addr.arpa
    IN PTR
    111943434bcgoogleusercontentcom
  • 104.16.167.228:80
    http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/
    http
    mssecsvc.exe
    376 B
     990 B
     6
    5

    HTTP Request

    GET http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/

    HTTP Response

    200
  • 104.16.167.228:80
    http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/
    http
    mssecsvc.exe
    376 B
     990 B
     6
    5

    HTTP Request

    GET http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/

    HTTP Response

    200
  • 149.155.183.8:445
    mssecsvc.exe
    104 B
     2
  • 10.127.0.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.1.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.2.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.3.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.4.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.5.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.6.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.7.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.8.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.9.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.10.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.11.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.12.1:445
    mssecsvc.exe
    52 B
     1
  • 212.136.53.236:445
    mssecsvc.exe
    104 B
     2
  • 10.127.13.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.14.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.15.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.16.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.17.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.18.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.21.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.19.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.20.1:445
    mssecsvc.exe
    52 B
     1
  • 48.116.59.80:445
    mssecsvc.exe
    104 B
     2
  • 10.127.22.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.23.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.24.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.25.1:445
    mssecsvc.exe
    104 B
     2
  • 156.229.14.54:445
    mssecsvc.exe
    98 B
     48 B
     2
    1
  • 10.127.26.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.27.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.28.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.29.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.30.1:445
    mssecsvc.exe
    104 B
     2
  • 138.119.232.4:445
    mssecsvc.exe
    104 B
     2
  • 10.127.32.1:445
    mssecsvc.exe
    104 B
     2
  • 59.112.116.208:445
    mssecsvc.exe
    104 B
     2
  • 10.127.34.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.31.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.35.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.33.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.36.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.37.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.40.1:445
    mssecsvc.exe
    104 B
     2
  • 105.152.188.146:445
    mssecsvc.exe
    52 B
     1
  • 10.127.38.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.39.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.41.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.42.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.43.1:445
    mssecsvc.exe
    104 B
     2
  • 117.138.250.116:445
    mssecsvc.exe
    104 B
     2
  • 10.127.44.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.45.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.46.1:445
    mssecsvc.exe
    104 B
     2
  • 56.91.58.165:445
    mssecsvc.exe
    104 B
     2
  • 10.127.47.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.49.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.51.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.54.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.52.1:445
    mssecsvc.exe
    52 B
     1
  • 93.209.130.63:445
    mssecsvc.exe
    104 B
     2
  • 109.103.9.138:445
    mssecsvc.exe
    52 B
     1
  • 10.127.48.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.50.1:445
    mssecsvc.exe
    104 B
     2
  • 197.113.28.106:445
    mssecsvc.exe
    104 B
     2
  • 10.127.53.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.56.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.58.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.55.1:445
    mssecsvc.exe
    52 B
     1
  • 14.95.55.61:445
    mssecsvc.exe
    52 B
     1
  • 10.127.57.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.59.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.60.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.61.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.62.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.63.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.64.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.65.1:445
    mssecsvc.exe
    52 B
     1
  • 129.26.16.3:445
    mssecsvc.exe
    52 B
     1
  • 10.127.66.1:445
    mssecsvc.exe
    104 B
     2
  • 69.206.222.89:445
    mssecsvc.exe
    52 B
     1
  • 10.127.67.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.68.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.69.1:445
    mssecsvc.exe
    104 B
     2
  • 223.99.6.71:445
    mssecsvc.exe
    104 B
     2
  • 10.127.71.1:445
    mssecsvc.exe
    104 B
     2
  • 35.104.28.230:445
    mssecsvc.exe
    104 B
     2
  • 10.127.70.1:445
    mssecsvc.exe
    104 B
     2
  • 116.152.252.203:445
    mssecsvc.exe
    104 B
     2
  • 10.127.72.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.76.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.73.1:445
    mssecsvc.exe
    104 B
     2
  • 46.208.99.249:445
    mssecsvc.exe
    104 B
     2
  • 10.127.74.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.78.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.75.1:445
    mssecsvc.exe
    104 B
     2
  • 174.20.154.217:445
    mssecsvc.exe
    104 B
     2
  • 10.127.79.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.81.1:445
    mssecsvc.exe
    104 B
     2
  • 11.168.193.111:445
    mssecsvc.exe
    52 B
     1
  • 10.127.83.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.82.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.77.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.80.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.84.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.85.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.86.1:445
    mssecsvc.exe
    104 B
     2
  • 194.199.111.101:445
    mssecsvc.exe
    104 B
     2
  • 10.127.87.1:445
    mssecsvc.exe
    52 B
     1
  • 142.5.154.158:445
    mssecsvc.exe
    104 B
     2
  • 10.127.88.1:445
    mssecsvc.exe
    104 B
     2
  • 130.71.39.117:445
    mssecsvc.exe
    52 B
     1
  • 175.86.176.67:445
    mssecsvc.exe
    104 B
     2
  • 58.253.241.71:445
    mssecsvc.exe
    52 B
     1
  • 10.127.89.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.90.1:445
    mssecsvc.exe
    104 B
     2
  • 117.233.8.157:445
    mssecsvc.exe
    104 B
     2
  • 10.127.98.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.91.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.92.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.93.1:445
    mssecsvc.exe
    104 B
     2
  • 192.97.86.21:445
    mssecsvc.exe
    52 B
     1
  • 10.127.95.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.96.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.94.1:445
    mssecsvc.exe
    104 B
     2
  • 175.109.248.147:445
    mssecsvc.exe
    52 B
     1
  • 10.127.99.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.101.1:445
    mssecsvc.exe
    104 B
     2
  • 136.185.192.50:445
    mssecsvc.exe
    104 B
     2
  • 10.127.97.1:445
    mssecsvc.exe
    104 B
     2
  • 204.2.61.157:445
    mssecsvc.exe
    104 B
     2
  • 10.127.100.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.102.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.103.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.104.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.105.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.106.1:445
    mssecsvc.exe
    104 B
     2
  • 33.191.233.125:445
    mssecsvc.exe
    104 B
     2
  • 10.127.107.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.108.1:445
    mssecsvc.exe
    104 B
     2
  • 51.117.153.245:445
    mssecsvc.exe
    52 B
     1
  • 10.127.109.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.110.1:445
    mssecsvc.exe
    52 B
     1
  • 165.113.95.117:445
    mssecsvc.exe
    104 B
     2
  • 145.118.242.234:445
    mssecsvc.exe
    104 B
     2
  • 10.127.111.1:445
    mssecsvc.exe
    52 B
     1
  • 86.133.185.214:445
    mssecsvc.exe
    104 B
     2
  • 152.225.217.238:445
    mssecsvc.exe
    104 B
     2
  • 10.127.115.1:445
    mssecsvc.exe
    52 B
     1
  • 141.6.0.90:445
    mssecsvc.exe
    104 B
     2
  • 67.43.150.97:445
    mssecsvc.exe
    104 B
     2
  • 10.127.116.1:445
    mssecsvc.exe
    104 B
     2
  • 139.105.215.127:445
    mssecsvc.exe
    104 B
     2
  • 10.127.114.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.121.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.119.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.112.1:445
    mssecsvc.exe
    104 B
     2
  • 25.216.199.242:445
    mssecsvc.exe
    52 B
     1
  • 10.127.118.1:445
    mssecsvc.exe
    52 B
     1
  • 209.84.141.176:445
    mssecsvc.exe
    52 B
     1
  • 10.127.117.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.113.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.120.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.122.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.123.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.124.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.125.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.126.1:445
    mssecsvc.exe
    104 B
     2
  • 81.0.110.214:445
    mssecsvc.exe
    104 B
     2
  • 96.67.50.33:445
    mssecsvc.exe
    104 B
     2
  • 10.127.127.1:445
    mssecsvc.exe
    104 B
     2
  • 36.80.46.169:445
    mssecsvc.exe
    104 B
     2
  • 10.127.128.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.129.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.130.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.131.1:445
    mssecsvc.exe
    52 B
     1
  • 105.114.174.36:445
    mssecsvc.exe
    104 B
     2
  • 129.190.16.170:445
    mssecsvc.exe
    52 B
     1
  • 116.130.194.126:445
    mssecsvc.exe
    104 B
     2
  • 94.190.124.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.133.1:445
    mssecsvc.exe
    52 B
     1
  • 134.32.126.237:445
    mssecsvc.exe
    104 B
     2
  • 100.74.132.67:445
    mssecsvc.exe
    104 B
     2
  • 10.127.132.1:445
    mssecsvc.exe
    104 B
     2
  • 183.187.125.69:445
    mssecsvc.exe
    104 B
     2
  • 10.127.134.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.139.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.141.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.136.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.142.1:445
    mssecsvc.exe
    52 B
     1
  • 148.202.133.158:445
    mssecsvc.exe
    52 B
     1
  • 10.127.135.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.137.1:445
    mssecsvc.exe
    52 B
     1
  • 88.97.102.155:445
    mssecsvc.exe
    104 B
     2
  • 10.127.140.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.138.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.143.1:445
    mssecsvc.exe
    104 B
     2
  • 12.129.229.9:445
    mssecsvc.exe
    104 B
     2
  • 59.135.188.71:445
    mssecsvc.exe
    104 B
     2
  • 10.127.144.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.145.1:445
    mssecsvc.exe
    104 B
     2
  • 200.96.120.191:445
    mssecsvc.exe
    104 B
     2
  • 10.127.146.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.147.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.148.1:445
    mssecsvc.exe
    104 B
     2
  • 59.180.171.110:445
    mssecsvc.exe
    104 B
     2
  • 220.33.162.149:445
    mssecsvc.exe
    104 B
     2
  • 10.127.149.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.150.1:445
    mssecsvc.exe
    104 B
     2
  • 181.56.86.93:445
    mssecsvc.exe
    52 B
     1
  • 85.178.7.97:445
    mssecsvc.exe
    52 B
     1
  • 222.49.123.232:445
    mssecsvc.exe
    52 B
     1
  • 10.127.151.1:445
    mssecsvc.exe
    104 B
     2
  • 149.220.38.14:445
    mssecsvc.exe
    52 B
     1
  • 10.127.152.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.155.1:445
    mssecsvc.exe
    52 B
     1
  • 52.177.108.105:445
    mssecsvc.exe
    52 B
     1
  • 105.104.101.32:445
    mssecsvc.exe
    52 B
     1
  • 10.127.153.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.154.1:445
    mssecsvc.exe
    52 B
     1
  • 137.129.130.24:445
    mssecsvc.exe
    104 B
     2
  • 47.176.249.143:445
    mssecsvc.exe
    104 B
     2
  • 10.127.156.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.158.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.160.1:445
    mssecsvc.exe
    52 B
     1
  • 203.155.95.41:445
    mssecsvc.exe
    104 B
     2
  • 10.127.161.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.163.1:445
    mssecsvc.exe
    104 B
     2
  • 75.228.221.133:445
    mssecsvc.exe
    104 B
     2
  • 110.191.213.204:445
    mssecsvc.exe
    104 B
     2
  • 10.127.157.1:445
    mssecsvc.exe
    52 B
     1
  • 31.197.9.224:445
    mssecsvc.exe
    104 B
     2
  • 10.127.159.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.162.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.164.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.165.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.166.1:445
    mssecsvc.exe
    104 B
     2
  • 174.187.167.2:445
    mssecsvc.exe
    52 B
     1
  • 10.127.167.1:445
    mssecsvc.exe
    104 B
     2
  • 194.124.188.146:445
    mssecsvc.exe
    104 B
     2
  • 10.127.168.1:445
    mssecsvc.exe
    104 B
     2
  • 175.246.34.206:445
    mssecsvc.exe
    52 B
     1
  • 10.127.169.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.170.1:445
    mssecsvc.exe
    104 B
     2
  • 83.250.66.234:445
    mssecsvc.exe
    104 B
     2
  • 176.70.10.163:445
    mssecsvc.exe
    104 B
     2
  • 10.127.171.1:445
    mssecsvc.exe
    104 B
     2
  • 176.209.86.85:445
    mssecsvc.exe
    104 B
     2
  • 10.127.172.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.175.1:445
    mssecsvc.exe
    52 B
     1
  • 209.122.229.146:445
    mssecsvc.exe
    104 B
     2
  • 154.9.182.93:445
    mssecsvc.exe
    104 B
     2
  • 10.127.176.1:445
    mssecsvc.exe
    104 B
     2
  • 81.79.183.50:445
    mssecsvc.exe
    104 B
     2
  • 10.127.173.1:445
    mssecsvc.exe
    104 B
     2
  • 93.222.14.68:445
    mssecsvc.exe
    104 B
     2
  • 140.102.65.70:445
    mssecsvc.exe
    104 B
     2
  • 10.127.179.1:445
    mssecsvc.exe
    104 B
     2
  • 142.153.195.14:445
    mssecsvc.exe
    52 B
     1
  • 10.127.174.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.180.1:445
    mssecsvc.exe
    104 B
     2
  • 69.246.37.122:445
    mssecsvc.exe
    104 B
     2
  • 214.178.50.18:445
    mssecsvc.exe
    104 B
     2
  • 176.160.102.205:445
    mssecsvc.exe
    52 B
     1
  • 14.145.81.78:445
    mssecsvc.exe
    52 B
     1
  • 179.106.21.61:445
    mssecsvc.exe
    104 B
     2
  • 121.40.31.172:445
    mssecsvc.exe
    104 B
     2
  • 10.127.187.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.177.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.178.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.181.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.182.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.183.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.184.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.185.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.186.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.188.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.189.1:445
    mssecsvc.exe
    104 B
     2
  • 17.191.197.135:445
    mssecsvc.exe
    104 B
     2
  • 74.1.119.4:445
    mssecsvc.exe
    104 B
     2
  • 10.127.190.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.191.1:445
    mssecsvc.exe
    52 B
     1
  • 42.46.54.147:445
    mssecsvc.exe
    104 B
     2
  • 80.232.99.119:445
    mssecsvc.exe
    104 B
     2
  • 176.51.88.61:445
    mssecsvc.exe
    52 B
     1
  • 105.33.168.194:445
    mssecsvc.exe
    104 B
     2
  • 10.127.194.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.195.1:445
    mssecsvc.exe
    104 B
     2
  • 198.242.54.119:445
    mssecsvc.exe
    104 B
     2
  • 30.196.187.69:445
    mssecsvc.exe
    104 B
     2
  • 10.127.193.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.192.1:445
    mssecsvc.exe
    104 B
     2
  • 103.112.60.148:445
    mssecsvc.exe
    52 B
     1
  • 75.157.116.20:445
    mssecsvc.exe
    104 B
     2
  • 10.127.196.1:445
    mssecsvc.exe
    104 B
     2
  • 173.48.166.86:445
    mssecsvc.exe
    52 B
     1
  • 10.127.197.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.198.1:445
    mssecsvc.exe
    52 B
     1
  • 40.56.142.131:445
    mssecsvc.exe
    104 B
     2
  • 10.127.199.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.201.1:445
    mssecsvc.exe
    52 B
     1
  • 111.147.216.112:445
    mssecsvc.exe
    52 B
     1
  • 6.68.19.184:445
    mssecsvc.exe
    52 B
     1
  • 10.127.200.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.202.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.203.1:445
    mssecsvc.exe
    104 B
     2
  • 193.44.116.165:445
    mssecsvc.exe
    52 B
     1
  • 177.225.16.133:445
    mssecsvc.exe
    104 B
     2
  • 70.162.86.143:445
    mssecsvc.exe
    104 B
     2
  • 10.127.205.1:445
    mssecsvc.exe
    52 B
     1
  • 87.188.97.172:445
    mssecsvc.exe
    52 B
     1
  • 53.86.134.236:445
    mssecsvc.exe
    104 B
     2
  • 10.127.207.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.204.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.206.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.208.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.209.1:445
    mssecsvc.exe
    104 B
     2
  • 65.113.245.248:445
    mssecsvc.exe
    104 B
     2
  • 207.243.90.45:445
    mssecsvc.exe
    104 B
     2
  • 10.127.210.1:445
    mssecsvc.exe
    52 B
     1
  • 55.249.49.183:445
    mssecsvc.exe
    104 B
     2
  • 129.244.116.127:445
    mssecsvc.exe
    104 B
     2
  • 10.127.211.1:445
    mssecsvc.exe
    104 B
     2
  • 169.45.193.135:445
    mssecsvc.exe
    104 B
     2
  • 47.111.124.31:445
    mssecsvc.exe
    104 B
     2
  • 10.127.212.1:445
    mssecsvc.exe
    104 B
     2
  • 198.155.29.113:445
    mssecsvc.exe
    104 B
     2
  • 10.127.215.1:445
    mssecsvc.exe
    104 B
     2
  • 137.142.80.213:445
    mssecsvc.exe
    104 B
     2
  • 53.108.72.56:445
    mssecsvc.exe
    104 B
     2
  • 10.127.214.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.216.1:445
    mssecsvc.exe
    104 B
     2
  • 159.187.103.214:445
    mssecsvc.exe
    104 B
     2
  • 10.127.213.1:445
    mssecsvc.exe
    52 B
     1
  • 45.92.5.138:445
    mssecsvc.exe
    52 B
     1
  • 10.127.219.1:445
    mssecsvc.exe
    52 B
     1
  • 182.213.123.86:445
    mssecsvc.exe
    104 B
     2
  • 139.105.211.154:445
    mssecsvc.exe
    104 B
     2
  • 10.127.218.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.217.1:445
    mssecsvc.exe
    52 B
     1
  • 19.243.21.240:445
    mssecsvc.exe
    104 B
     2
  • 165.223.165.94:445
    mssecsvc.exe
    104 B
     2
  • 10.127.224.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.222.1:445
    mssecsvc.exe
    104 B
     2
  • 13.218.63.180:445
    mssecsvc.exe
    104 B
     2
  • 10.127.223.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.225.1:445
    mssecsvc.exe
    104 B
     2
  • 129.20.143.109:445
    mssecsvc.exe
    52 B
     1
  • 10.127.220.1:445
    mssecsvc.exe
    104 B
     2
  • 99.201.152.85:445
    mssecsvc.exe
    52 B
     1
  • 31.83.46.230:445
    mssecsvc.exe
    104 B
     2
  • 150.217.155.175:445
    mssecsvc.exe
    104 B
     2
  • 182.27.14.206:445
    mssecsvc.exe
    104 B
     2
  • 10.127.221.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.226.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.227.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.228.1:445
    mssecsvc.exe
    104 B
     2
  • 74.46.129.137:445
    mssecsvc.exe
    104 B
     2
  • 205.155.15.38:445
    mssecsvc.exe
    52 B
     1
  • 104.211.204.223:445
    mssecsvc.exe
    104 B
     2
  • 10.127.229.1:445
    mssecsvc.exe
    104 B
     2
  • 113.111.215.23:445
    mssecsvc.exe
    104 B
     2
  • 10.127.230.1:445
    mssecsvc.exe
    104 B
     2
  • 77.110.170.203:445
    mssecsvc.exe
    104 B
     2
  • 10.127.232.1:445
    mssecsvc.exe
    52 B
     1
  • 139.81.111.102:445
    mssecsvc.exe
    104 B
     2
  • 10.127.234.1:445
    mssecsvc.exe
    52 B
     1
  • 220.182.40.42:445
    mssecsvc.exe
    104 B
     2
  • 10.127.233.1:445
    mssecsvc.exe
    52 B
     1
  • 65.46.100.92:445
    mssecsvc.exe
    52 B
     1
  • 78.172.119.91:445
    mssecsvc.exe
    104 B
     2
  • 10.127.231.1:445
    mssecsvc.exe
    52 B
     1
  • 109.169.58.169:445
    mssecsvc.exe
    104 B
     80 B
     2
    2
  • 207.178.142.87:445
    mssecsvc.exe
    52 B
     1
  • 163.35.200.28:445
    mssecsvc.exe
    52 B
     1
  • 10.127.236.1:445
    mssecsvc.exe
    52 B
     1
  • 10.127.238.1:445
    mssecsvc.exe
    104 B
     2
  • 71.37.234.0:445
    mssecsvc.exe
    104 B
     2
  • 10.127.237.1:445
    mssecsvc.exe
    104 B
     2
  • 90.97.193.75:445
    mssecsvc.exe
    104 B
     2
  • 10.127.235.1:445
    mssecsvc.exe
    104 B
     2
  • 161.44.148.32:445
    mssecsvc.exe
    104 B
     2
  • 68.108.48.26:445
    mssecsvc.exe
    104 B
     2
  • 99.116.120.215:445
    mssecsvc.exe
    104 B
     2
  • 10.127.240.1:445
    mssecsvc.exe
    52 B
     1
  • 106.74.179.168:445
    mssecsvc.exe
    104 B
     2
  • 108.84.97.168:445
    mssecsvc.exe
    104 B
     2
  • 10.127.242.1:445
    mssecsvc.exe
    104 B
     2
  • 39.216.168.59:445
    mssecsvc.exe
    104 B
     2
  • 10.127.241.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.247.1:445
    mssecsvc.exe
    104 B
     2
  • 145.254.221.206:445
    mssecsvc.exe
    104 B
     2
  • 10.127.239.1:445
    mssecsvc.exe
    52 B
     1
  • 219.158.250.155:445
    mssecsvc.exe
    104 B
     2
  • 10.127.244.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.243.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.245.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.246.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.248.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.249.1:445
    mssecsvc.exe
    104 B
     2
  • 123.138.3.75:445
    mssecsvc.exe
    104 B
     2
  • 10.127.250.1:445
    mssecsvc.exe
    104 B
     2
  • 148.137.152.159:445
    mssecsvc.exe
    104 B
     2
  • 118.80.235.188:445
    mssecsvc.exe
    104 B
     2
  • 75.161.74.229:445
    mssecsvc.exe
    104 B
     2
  • 131.72.200.137:445
    mssecsvc.exe
    104 B
     2
  • 180.17.98.55:445
    mssecsvc.exe
    104 B
     2
  • 214.45.159.165:445
    mssecsvc.exe
    104 B
     2
  • 79.244.72.100:445
    mssecsvc.exe
    104 B
     2
  • 113.57.156.113:445
    mssecsvc.exe
    104 B
     2
  • 103.209.211.42:445
    mssecsvc.exe
    52 B
     1
  • 10.127.251.1:445
    mssecsvc.exe
    104 B
     2
  • 171.102.149.84:445
    mssecsvc.exe
    104 B
     2
  • 10.127.0.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.253.1:445
    mssecsvc.exe
    104 B
     2
  • 21.172.175.9:445
    mssecsvc.exe
    104 B
     2
  • 10.127.2.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.1.2:445
    mssecsvc.exe
    104 B
     2
  • 82.209.0.74:445
    mssecsvc.exe
    104 B
     2
  • 10.127.252.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.254.1:445
    mssecsvc.exe
    104 B
     2
  • 10.127.255.1:445
    mssecsvc.exe
    104 B
     2
  • 177.112.10.193:445
    mssecsvc.exe
    104 B
     2
  • 40.201.194.196:445
    mssecsvc.exe
    52 B
     1
  • 75.242.167.198:445
    mssecsvc.exe
    52 B
     1
  • 68.183.143.188:445
    mssecsvc.exe
    52 B
     1
  • 213.66.139.98:445
    mssecsvc.exe
    104 B
     2
  • 10.127.3.2:445
    mssecsvc.exe
    52 B
     1
  • 181.48.13.174:445
    mssecsvc.exe
    104 B
     2
  • 10.127.4.2:445
    mssecsvc.exe
    104 B
     2
  • 119.205.47.2:445
    mssecsvc.exe
    104 B
     2
  • 160.50.87.11:445
    mssecsvc.exe
    104 B
     2
  • 10.127.6.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.7.2:445
    mssecsvc.exe
    52 B
     1
  • 45.199.166.252:445
    mssecsvc.exe
    104 B
     2
  • 47.21.254.130:445
    mssecsvc.exe
    104 B
     2
  • 220.17.214.90:445
    mssecsvc.exe
    52 B
     1
  • 10.127.8.2:445
    mssecsvc.exe
    52 B
     1
  • 10.127.5.2:445
    mssecsvc.exe
    104 B
     2
  • 218.22.147.187:445
    mssecsvc.exe
    104 B
     2
  • 80.35.148.244:445
    mssecsvc.exe
    52 B
     1
  • 10.127.9.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.10.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.11.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.12.2:445
    mssecsvc.exe
    52 B
     1
  • 10.127.13.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.14.2:445
    mssecsvc.exe
    104 B
     2
  • 132.201.70.233:445
    mssecsvc.exe
    104 B
     2
  • 123.80.110.116:445
    mssecsvc.exe
    104 B
     2
  • 75.51.78.178:445
    mssecsvc.exe
    104 B
     2
  • 136.59.139.8:445
    mssecsvc.exe
    104 B
     2
  • 10.127.16.2:445
    mssecsvc.exe
    104 B
     2
  • 43.193.165.197:445
    mssecsvc.exe
    104 B
     2
  • 121.132.14.24:445
    mssecsvc.exe
    52 B
     1
  • 10.127.15.2:445
    mssecsvc.exe
    52 B
     1
  • 85.161.181.170:445
    mssecsvc.exe
    104 B
     2
  • 54.216.187.201:445
    mssecsvc.exe
    52 B
     1
  • 156.176.224.174:445
    mssecsvc.exe
    104 B
     2
  • 145.4.182.159:445
    mssecsvc.exe
    104 B
     2
  • 132.122.36.227:445
    mssecsvc.exe
    104 B
     2
  • 13.129.231.110:445
    mssecsvc.exe
    52 B
     1
  • 10.127.21.2:445
    mssecsvc.exe
    104 B
     2
  • 57.243.73.35:445
    mssecsvc.exe
    52 B
     1
  • 33.75.144.1:445
    mssecsvc.exe
    104 B
     2
  • 207.43.96.181:445
    mssecsvc.exe
    52 B
     1
  • 10.127.24.2:445
    mssecsvc.exe
    104 B
     2
  • 168.234.12.18:445
    mssecsvc.exe
    104 B
     2
  • 15.102.1.120:445
    mssecsvc.exe
    104 B
     2
  • 120.73.100.210:445
    mssecsvc.exe
    104 B
     2
  • 10.127.20.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.23.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.26.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.19.2:445
    mssecsvc.exe
    104 B
     2
  • 68.219.107.72:445
    mssecsvc.exe
    104 B
     2
  • 12.26.64.108:445
    mssecsvc.exe
    104 B
     2
  • 104.101.164.93:445
    mssecsvc.exe
    104 B
     2
  • 10.127.22.2:445
    mssecsvc.exe
    52 B
     1
  • 10.127.27.2:445
    mssecsvc.exe
    104 B
     2
  • 111.138.161.178:445
    mssecsvc.exe
    104 B
     2
  • 10.127.25.2:445
    mssecsvc.exe
    104 B
     2
  • 94.18.161.185:445
    mssecsvc.exe
    104 B
     2
  • 120.137.248.151:445
    mssecsvc.exe
    104 B
     2
  • 10.127.17.2:445
    mssecsvc.exe
    52 B
     1
  • 31.237.132.195:445
    mssecsvc.exe
    104 B
     2
  • 10.127.28.2:445
    mssecsvc.exe
    52 B
     1
  • 10.127.18.2:445
    mssecsvc.exe
    52 B
     1
  • 10.127.29.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.30.2:445
    mssecsvc.exe
    52 B
     1
  • 10.127.31.2:445
    mssecsvc.exe
    104 B
     2
  • 10.127.32.2:445
    mssecsvc.exe
    104 B
     2
  • 8.8.8.8:53
    www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
    dns
    mssecsvc.exe
    95 B
     127 B
     1
    1

    DNS Request

    www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com

    DNS Response

    104.16.167.228
    104.16.166.228

  • 8.8.8.8:53
    8.8.8.8.in-addr.arpa
    dns
    66 B
     90 B
     1
    1

    DNS Request

    8.8.8.8.in-addr.arpa

  • 8.8.8.8:53
    228.167.16.104.in-addr.arpa
    dns
    73 B
     135 B
     1
    1

    DNS Request

    228.167.16.104.in-addr.arpa

  • 8.8.8.8:53
    154.239.44.20.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    154.239.44.20.in-addr.arpa

  • 8.8.8.8:53
    81.144.22.2.in-addr.arpa
    dns
    70 B
     133 B
     1
    1

    DNS Request

    81.144.22.2.in-addr.arpa

  • 8.8.8.8:53
    75.159.190.20.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    75.159.190.20.in-addr.arpa

  • 8.8.8.8:53
    58.55.71.13.in-addr.arpa
    dns
    70 B
     144 B
     1
    1

    DNS Request

    58.55.71.13.in-addr.arpa

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\mssecsvc.exe
    Filesize

    3.6MB

    MD5

    73066cb0b124925b94d56cad03e8d924

    SHA1

    e3dc4b59bb59ea7f112c2915f8ad08a08b98471a

    SHA256

    36523446dfe614180f546f07be678e5ca1fcdb1af603b6367b2f7063c9389c30

    SHA512

    760055d5f169d2973f769672a57eb303b20e1ebb242e8d24df10b76df636612399a65c9ab9667c7e374179506c0578423c2eb11d0f2943498d57c47cc2cb2024

    Download Submit

  • C:\Windows\tasksche.exe
    Filesize

    3.4MB

    MD5

    1baa65378f18f5fa8af049362c856994

    SHA1

    737d21e1623acb763e66177b13e8c5cacb03f2fc

    SHA256

    606476618eaec9bc7850d7c37e91bd7bbd2314931d76dd0e75e3e69d3355ff3d

    SHA512

    b246eb364f951422fc88529997efd3875a09fdec701e088b700dbe526581fccba830f5b4e95f83757bad50660bef7dd30f9b628ec20a94ad066ff8442a95047a

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.