Overview

overview

7

Static

static

3

2024-09-25...er.exe

windows7-x64

7

2024-09-25...er.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    25/09/2024, 03:50 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-09-25_dfc795b0145c41c3ec1d5f42a767186e_cryptolocker.exe

  • Size

    31KB

  • MD5

    dfc795b0145c41c3ec1d5f42a767186e

  • SHA1

    a6bf7d1504758bba72a581f7ae132ac7cfaf7f4d

  • SHA256

    81236e3f69869bba795978343212f9c1321b89166cfbb24190bf703a8d782673

  • SHA512

    e4b6f44bb75068f6386682ceb1c1bb842ec1f6546c73fc516b1881ab1e98d23819d09a9fc4f4b2938d2181eaf095e7377e5e26ff4a315d334d6513e9cb975136

  • SSDEEP

    768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGbNAKSjNfw:o1KhxqwtdgI2MyzNORQtOflIwoHNV2X1

Score
7/10
discovery

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-09-25_dfc795b0145c41c3ec1d5f42a767186e_cryptolocker.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-09-25_dfc795b0145c41c3ec1d5f42a767186e_cryptolocker.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2548
    • C:\Users\Admin\AppData\Local\Temp\hurok.exe
      "C:\Users\Admin\AppData\Local\Temp\hurok.exe"
      2⤵
      • Executes dropped EXE
      • System Location Discovery: System Language Discovery
      • Suspicious use of UnmapMainImage
      PID:2424

Network

  • flag-us
    DNS
    gemlttwi.com
    hurok.exe
    Remote address:
    8.8.8.8:53
    Request
    gemlttwi.com
    IN A
    Response
    gemlttwi.com
    IN A
    192.185.35.56
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    453 B
     266 B
     7
    6
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    340 B
     219 B
     6
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     92 B
     4
    2
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     92 B
     4
    2
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    282 B
     212 B
     6
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    1.0kB
     219 B
     8
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    hurok.exe
    190 B
     132 B
     4
    3
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    393 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    355 B
     219 B
     5
    5
  • 192.185.35.56:443
    gemlttwi.com
    tls
    hurok.exe
    288 B
     219 B
     5
    5
  • 8.8.8.8:53
    gemlttwi.com
    dns
    hurok.exe
    58 B
     74 B
     1
    1

    DNS Request

    gemlttwi.com

    DNS Response

    192.185.35.56

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\hurok.exe
    Filesize

    31KB

    MD5

    44a81240e6e1f01db25a122b3badbdaf

    SHA1

    e19d2beafa3afdb051b1bcd56c8bd35bbc29e725

    SHA256

    c0d9e431cddc5cfa5cee20e0439ef497724b1bbc7314a294814bdf87a0e58b7a

    SHA512

    6a44c2ee557e353fff869b16190ad6b226c4855f86dc87c59c593a3882cf12578f4768649856de7324593b8522bd8b2b9861eb2ebe864c83a132d7436f8bc924

    Download Submit

  • memory/2548-8-0x00000000001C0000-0x00000000001C6000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2548-1-0x0000000000400000-0x0000000000406000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2548-0-0x00000000001C0000-0x00000000001C6000-memory.dmp

    Filesize

    24KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.