Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • submitted
    25/11/2024, 19:25 UTC

General

  • Target

    FILE_InstallMeExe.dll

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

138704

Attributes
  • dga

  • dga_seed

    7834006444057268685

  • domain_length

    12

  • num_dga_domains

    300

  • port

    443

rc4.plain
NEW_BLACK

Signatures

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\FILE_InstallMeExe.dll
      PID:2672

    Network

    Downloads
