Analysis
-
max time kernel
1791s -
max time network
1793s -
platform
windows7_x64 -
resource
win7-20241023-en -
resource tags
-
submitted
11-11-2024 07:17
General
-
Target
2018-01-28-Seamless-campaign-Rig-EK-payload-GandCrab-ransomware.exe
-
Size
145KB
-
MD5
8141ae1b905d61f4e0d3534052e45364
-
SHA1
a9d17cd249f4f882d1e2128d7f25bd13b20d9da2
-
SHA256
0e47b58d99eaf5ca77f7c1b4e03e779992c7e9bf7860ec5e6cd817b4d9199b63
-
SHA512
cb980feeab2c4e8ccb28c0b0cefe827574fe0e7a2f7390dbb36aac78dd0f9c7501b8e4d78393f58c8edec3c88928a4b068992ebc6449b7739c2a0e8188aa30fa
-
SSDEEP
3072:PVWq+fziq1cEhIv/7M7BC/FTqdVY77C37R:Pn+fziq1VIv
Score
10/10
Malware Config
Signatures
-
GandCrab payload 59 IoCs
-
Gandcrab
Gandcrab is a Trojan horse that encrypts files on a computer.
-
Gandcrab family
-
Unexpected DNS network traffic destination 64 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
System Location Discovery: System Language Discovery 1 TTPs 64 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
System Network Configuration Discovery: Internet Connection Discovery 1 TTPs 32 IoCs
Adversaries may check for Internet connectivity on compromised systems.
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2018-01-28-Seamless-campaign-Rig-EK-payload-GandCrab-ransomware.exe"C:\Users\Admin\AppData\Local\Temp\2018-01-28-Seamless-campaign-Rig-EK-payload-GandCrab-ransomware.exe"1⤵
- Enumerates connected drives
- Checks processor information in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup bleepingcomputer.bit a.dnspod.com2⤵
- System Network Configuration Discovery: Internet Connection Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup emsisoft.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
-
C:\Windows\SysWOW64\nslookup.exenslookup esetnod32.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup gandcrab.bit a.dnspod.com2⤵
-
-
C:\Windows\SysWOW64\nslookup.exenslookup nomoreransom.bit a.dnspod.com2⤵
- System Location Discovery: System Language Discovery
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1024KB
-
Filesize
88KB
-
Filesize
1024KB
-
Filesize
176KB
-
Filesize
88KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB
-
Filesize
176KB