Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

ZRK 1.1_[u...]_.zip

windows7-x64

1

ZRK 1.1_[u...]_.zip

windows10-2004-x64

ZRK 1.1 UC....1.exe

windows7-x64

1

ZRK 1.1 UC....1.exe

windows10-2004-x64

1

ZRK 1.1 UC...40.dll

windows7-x64

1

ZRK 1.1 UC...40.dll

windows10-2004-x64

1

ZRK 1.1 UC..._1.dll

windows7-x64

1

ZRK 1.1 UC..._1.dll

windows10-2004-x64

1

ZRK 1.1 UC...re.dll

windows7-x64

1

ZRK 1.1 UC...re.dll

windows10-2004-x64

1

ZRK 1.1 UC...us.dll

windows7-x64

1

ZRK 1.1 UC...us.dll

windows10-2004-x64

ZRK 1.1 UC...ui.dll

windows7-x64

1

ZRK 1.1 UC...ui.dll

windows10-2004-x64

6

ZRK 1.1 UC...rk.dll

windows7-x64

1

ZRK 1.1 UC...rk.dll

windows10-2004-x64

ZRK 1.1 UC...ml.dll

windows7-x64

1

ZRK 1.1 UC...ml.dll

windows10-2004-x64

ZRK 1.1 UC...ls.dll

windows7-x64

1

ZRK 1.1 UC...ls.dll

windows10-2004-x64

8

ZRK 1.1 UC...ck.dll

windows7-x64

1

ZRK 1.1 UC...ck.dll

windows10-2004-x64

1

ZRK 1.1 UC...vg.dll

windows7-x64

1

ZRK 1.1 UC...vg.dll

windows10-2004-x64

1

ZRK 1.1 UC...ts.dll

windows7-x64

1

ZRK 1.1 UC...ts.dll

windows10-2004-x64

1

ZRK 1.1 UC...ts.dll

windows7-x64

1

ZRK 1.1 UC...ts.dll

windows10-2004-x64

1

ZRK 1.1 UC...40.dll

windows7-x64

1

ZRK 1.1 UC...40.dll

windows10-2004-x64

1

ZRK 1.1 UC..._ar.qm

windows7-x64

3

ZRK 1.1 UC..._ar.qm

windows10-2004-x64

3

Analysis

  • max time kernel
    1799s
  • max time network
    1158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2024, 13:52 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ZRK 1.1 UC/ZRK 1.1.exe

  • Size

    3.4MB

  • MD5

    2ca19aa3d5216097c87698c0b569273d

  • SHA1

    888e1e0eb175a4fef28d0d1285de3cb1605935da

  • SHA256

    996a9b97adfd11ecb4d3c29fa4b1ca3d0c606b924c5affc9c2eb2846878cee37

  • SHA512

    21285f484b73381e0b5598456238e585b73bfd37ef36a77c373a9f8696be4f360f42dbdcdb6d3509c332d3c9094e8fad93728d55c9c29451cdcd10506d9c3155

  • SSDEEP

    49152:/u8OcIghRNkpSbKGvSHTNP9gt0H0XBWspHXWtKdfgzcv+IaiqE8MrCBpgTY840lG:WCk0bKWEP9jHOB7XWtsf2QA5pgTY8Dl

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ZRK 1.1 UC\ZRK 1.1.exe
    "C:\Users\Admin\AppData\Local\Temp\ZRK 1.1 UC\ZRK 1.1.exe"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3484
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /c "ver"
      2⤵
        PID:548

    Network

    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.ax-0001.ax-msedge.net
      g-bing-com.ax-0001.ax-msedge.net
      IN CNAME
      ax-0001.ax-dc-msedge.net
      ax-0001.ax-dc-msedge.net
      IN A
      150.171.29.10
      ax-0001.ax-dc-msedge.net
      IN A
      150.171.30.10
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dnsgoogle
    • flag-us
      DNS
      138.32.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      138.32.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      102.209.201.84.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      102.209.201.84.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      10.29.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.29.171.150.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      95.221.229.192.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.221.229.192.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      50.23.12.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.23.12.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      18.31.95.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.31.95.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.214.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.214.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      75.209.201.84.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      75.209.201.84.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      205.47.74.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      205.47.74.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      tse1.mm.bing.net
      Remote address:
      8.8.8.8:53
      Request
      tse1.mm.bing.net
      IN A
      Response
      tse1.mm.bing.net
      IN CNAME
      mm-mm.bing.net.trafficmanager.net
      mm-mm.bing.net.trafficmanager.net
      IN CNAME
      ax-0001.ax-msedge.net
      ax-0001.ax-msedge.net
      IN A
      150.171.27.10
      ax-0001.ax-msedge.net
      IN A
      150.171.28.10
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239360265013_1UVY69FM05I7V26BP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239360265013_1UVY69FM05I7V26BP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 195935
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: CFB79FD00E04444D9948402F2F8BB5E4 Ref B: LON601060102040 Ref C: 2024-10-14T13:59:01Z
      date: Mon, 14 Oct 2024 13:59:00 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239360265014_1I9L6MC65FHDFQ9Z7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239360265014_1I9L6MC65FHDFQ9Z7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 436830
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: F3FEBF9B093E40F8B8C4C53715C77CBB Ref B: LON601060102040 Ref C: 2024-10-14T13:59:01Z
      date: Mon, 14 Oct 2024 13:59:00 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239340418565_1OUCQO7VP7RV95UTY&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239340418565_1OUCQO7VP7RV95UTY&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 193575
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: B17084A24AD44472AF945222C8CDDA5F Ref B: LON601060102040 Ref C: 2024-10-14T13:59:01Z
      date: Mon, 14 Oct 2024 13:59:00 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239355262897_1WRSJCEZM1EG3MR0G&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239355262897_1WRSJCEZM1EG3MR0G&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 1265436
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: B0E8697696AD4F06B80D73E507FA00A9 Ref B: LON601060102040 Ref C: 2024-10-14T13:59:01Z
      date: Mon, 14 Oct 2024 13:59:00 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239340418566_1KUOCUMD7VRU52NBF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239340418566_1KUOCUMD7VRU52NBF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 344530
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 9D70CB097D864C3CAE24DCFB79BEAA97 Ref B: LON601060102040 Ref C: 2024-10-14T13:59:01Z
      date: Mon, 14 Oct 2024 13:59:00 GMT
    • flag-us
      GET
      https://tse1.mm.bing.net/th?id=OADD2.10239355262898_1GZLH62E7DDOB6LZ5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      Remote address:
      150.171.27.10:443
      Request
      GET /th?id=OADD2.10239355262898_1GZLH62E7DDOB6LZ5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
      host: tse1.mm.bing.net
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
      Response
      HTTP/2.0 200
      cache-control: public, max-age=2592000
      content-length: 1420323
      content-type: image/jpeg
      x-cache: TCP_HIT
      access-control-allow-origin: *
      access-control-allow-headers: *
      access-control-allow-methods: GET, POST, OPTIONS
      timing-allow-origin: *
      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 5BA05202D38A483290086CCA101FBF55 Ref B: LON601060102040 Ref C: 2024-10-14T13:59:01Z
      date: Mon, 14 Oct 2024 13:59:00 GMT
    • flag-us
      DNS
      10.27.171.150.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      10.27.171.150.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      85.65.42.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      85.65.42.20.in-addr.arpa
      IN PTR
      Response
    • 150.171.29.10:443
      g.bing.com
      tls
      2.0kB
       9.4kB
       22
      20
    • 150.171.27.10:443
      https://tse1.mm.bing.net/th?id=OADD2.10239355262898_1GZLH62E7DDOB6LZ5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
      tls, http2
      139.5kB
       4.0MB
       2914
      2910

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239360265013_1UVY69FM05I7V26BP&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239360265014_1I9L6MC65FHDFQ9Z7&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239340418565_1OUCQO7VP7RV95UTY&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239355262897_1WRSJCEZM1EG3MR0G&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

      HTTP Response

      200

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239340418566_1KUOCUMD7VRU52NBF&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://tse1.mm.bing.net/th?id=OADD2.10239355262898_1GZLH62E7DDOB6LZ5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

      HTTP Response

      200
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       6.9kB
       15
      13
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       6.9kB
       15
      13
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       6.9kB
       15
      13
    • 150.171.27.10:443
      tse1.mm.bing.net
      tls, http2
      1.2kB
       6.9kB
       15
      13
    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
       169 B
       1
      1

      DNS Request

      g.bing.com

      DNS Response

      150.171.29.10
      150.171.30.10

    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
       90 B
       1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      138.32.126.40.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      138.32.126.40.in-addr.arpa

    • 8.8.8.8:53
      102.209.201.84.in-addr.arpa
      dns
      73 B
       133 B
       1
      1

      DNS Request

      102.209.201.84.in-addr.arpa

    • 8.8.8.8:53
      10.29.171.150.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      10.29.171.150.in-addr.arpa

    • 8.8.8.8:53
      95.221.229.192.in-addr.arpa
      dns
      73 B
       144 B
       1
      1

      DNS Request

      95.221.229.192.in-addr.arpa

    • 8.8.8.8:53
      50.23.12.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      50.23.12.20.in-addr.arpa

    • 8.8.8.8:53
      18.31.95.13.in-addr.arpa
      dns
      70 B
       144 B
       1
      1

      DNS Request

      18.31.95.13.in-addr.arpa

    • 8.8.8.8:53
      172.214.232.199.in-addr.arpa
      dns
      74 B
       128 B
       1
      1

      DNS Request

      172.214.232.199.in-addr.arpa

    • 8.8.8.8:53
      75.209.201.84.in-addr.arpa
      dns
      72 B
       132 B
       1
      1

      DNS Request

      75.209.201.84.in-addr.arpa

    • 8.8.8.8:53
      205.47.74.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      205.47.74.20.in-addr.arpa

    • 8.8.8.8:53
      tse1.mm.bing.net
      dns
      62 B
       170 B
       1
      1

      DNS Request

      tse1.mm.bing.net

      DNS Response

      150.171.27.10
      150.171.28.10

    • 8.8.8.8:53
      10.27.171.150.in-addr.arpa
      dns
      72 B
       158 B
       1
      1

      DNS Request

      10.27.171.150.in-addr.arpa

    • 8.8.8.8:53
      85.65.42.20.in-addr.arpa
      dns
      70 B
       156 B
       1
      1

      DNS Request

      85.65.42.20.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3484-0-0x00007FFE432C0000-0x00007FFE437B0000-memory.dmp

      Filesize

      4.9MB

      Download

    • memory/3484-1-0x00007FFE42D70000-0x00007FFE432B1000-memory.dmp

      Filesize

      5.3MB

      Download

    • memory/3484-2-0x00007FFE41E70000-0x00007FFE420D3000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/3484-3-0x00007FFE41C00000-0x00007FFE41E65000-memory.dmp

      Filesize

      2.4MB

      Download

    • memory/3484-4-0x0000025DD9A60000-0x0000025DD9A70000-memory.dmp

      Filesize

      64KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.