Analysis
-
max time kernel
148s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
24-12-2024 18:40
General
-
Target
$PLUGINSDIR/cse4roo.dll
-
Size
5KB
-
MD5
55ece16004aa5f4e2922619cd4550be1
-
SHA1
314c0edc2a812e88da96322d340919f63a392d8d
-
SHA256
3ce9036a2569c7c3c15061528ecf49747620d4fd3b22338694c9525c6c0e4fc3
-
SHA512
25cba598082fc6d7705a0c0e7de491fe156fce88308fe510d70d40c01bf458849cf9f50f190ad67ca742b2829357170978accae1d3eeb9190850d3dc4746aa24
-
SSDEEP
48:StQJNdo8BP/hHSmDJjtrMOGa4zzBvoAXAdUMQ9BgKRuqS:PRjZDGXHBgVueqx
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 47 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: MapViewOfSection 53 IoCs
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#12⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#13⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#13⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#14⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#14⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#15⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#15⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#16⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#16⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#17⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#17⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#18⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#18⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#19⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#19⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#110⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#110⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#111⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#111⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#112⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#112⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#113⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#113⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#114⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#114⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#115⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#115⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#116⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#116⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#117⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#117⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#118⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#118⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#119⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#119⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#120⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#120⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#121⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#121⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#122⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#122⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#123⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#123⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#124⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#124⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#125⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#125⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#126⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#126⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#127⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#127⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#128⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#128⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#129⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#129⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#130⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#130⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#131⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#131⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#132⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#132⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#133⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#133⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#134⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#134⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#135⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#135⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#136⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#136⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#137⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#137⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#138⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#138⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#139⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#139⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#140⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#140⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#141⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#141⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#142⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#142⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#143⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#143⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#144⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#144⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#145⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#145⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#146⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#146⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#147⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#147⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#148⤵
-
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#148⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: MapViewOfSection
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\cse4roo.dll,#149⤵
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB