Overview

overview

10

Static

static

10

08751be484...2d.dll

windows10-ltsc 2021-x64

10

0a9f79abd4...51.exe

windows10-ltsc 2021-x64

3

0di3x.exe

windows10-ltsc 2021-x64

10

2019-09-02...10.exe

windows10-ltsc 2021-x64

10

2c01b00772...eb.exe

windows10-ltsc 2021-x64

10

31.exe

windows10-ltsc 2021-x64

10

3DMark 11 ...on.exe

windows10-ltsc 2021-x64

3

42f9729255...61.exe

windows10-ltsc 2021-x64

10

5da0116af4...18.exe

windows10-ltsc 2021-x64

10

69c56d12ed...6b.exe

windows10-ltsc 2021-x64

10

905d572f23...50.exe

windows10-ltsc 2021-x64

10

948340be97...54.exe

windows10-ltsc 2021-x64

10

95560f1a46...f9.dll

windows10-ltsc 2021-x64

3

Archive.zi...3e.exe

windows10-ltsc 2021-x64

8

DiskIntern...en.exe

windows10-ltsc 2021-x64

3

ForceOp 2....ce.exe

windows10-ltsc 2021-x64

7

HYDRA.exe

windows10-ltsc 2021-x64

10

KLwC6vii.exe

windows10-ltsc 2021-x64

1

Keygen.exe

windows10-ltsc 2021-x64

10

Lonelyscre...ox.exe

windows10-ltsc 2021-x64

3

LtHv0O2KZDK4M637.exe

windows10-ltsc 2021-x64

10

Magic_File...ja.exe

windows10-ltsc 2021-x64

3

OnlineInstaller.exe

windows10-ltsc 2021-x64

8

Remouse.Mi...cg.exe

windows10-ltsc 2021-x64

3

SecuriteIn...dE.exe

windows10-ltsc 2021-x64

10

SecuriteIn...ee.dll

windows10-ltsc 2021-x64

10

SecurityTa...up.exe

windows10-ltsc 2021-x64

4

Treasure.V...ox.exe

windows10-ltsc 2021-x64

3

VyprVPN.exe

windows10-ltsc 2021-x64

10

WSHSetup[1].exe

windows10-ltsc 2021-x64

3

Yard.dll

windows10-ltsc 2021-x64

10

b2bd3de3e5...2).exe

windows10-ltsc 2021-x64

10

Resubmissions

20/04/2025, 00:10 UTC

250420-agcc8axyax 10

16/04/2025, 11:04 UTC

250416-m58gsaz1ay 10

15/04/2025, 17:34 UTC

250415-v5ylksypw9 10

15/04/2025, 06:16 UTC

250415-g1p7ras1dw 10

14/04/2025, 08:06 UTC

250414-jzpwpstxhx 10

14/04/2025, 07:59 UTC

250414-jvg1assky4 10

14/04/2025, 07:22 UTC

250414-h7g1dss1h1 10

Analysis

  • max time kernel
    299s
  • max time network
    306s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250113-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250113-enlocale:en-usos:windows10-ltsc 2021-x64system
  • submitted
    17/01/2025, 10:48 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    KLwC6vii.exe

  • Size

    17KB

  • MD5

    1ded740b925aa0c370e4e5bd02c0741f

  • SHA1

    64731e77b65da3eb192783c074afdcb6a0a245a8

  • SHA256

    a8745addaf2f95e0fe6afbc6d6712f817d4a819cf1d08bf7c0ff01822e18e1db

  • SHA512

    fdaaa6633196851725fe088fafd539eb17483555d9b926338a7caeb961354c12cabcd3f55aa51f32297ce4a884806fbc337dfa725583cc1c86b8ca6c97218d4e

  • SSDEEP

    384:fC68at8DHSXzdgcrS5RnVLeDbSbXsVKWyF5yN:p8MsIWtbeDGHY

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\KLwC6vii.exe
    "C:\Users\Admin\AppData\Local\Temp\KLwC6vii.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:2908

Network

  • flag-us
    DNS
    69.31.126.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    69.31.126.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    167.173.78.104.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    167.173.78.104.in-addr.arpa
    IN PTR
    Response
    167.173.78.104.in-addr.arpa
    IN PTR
    a104-78-173-167deploystaticakamaitechnologiescom
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    53.210.109.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    53.210.109.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    172.210.232.199.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    172.210.232.199.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    206.23.85.13.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    206.23.85.13.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    23.236.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    23.236.111.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    175.117.168.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    175.117.168.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
  • flag-us
    DNS
    shnf-47787.portmap.io
    KLwC6vii.exe
    Remote address:
    8.8.8.8:53
    Request
    shnf-47787.portmap.io
    IN A
    Response
No results found
  • 8.8.8.8:53
    69.31.126.40.in-addr.arpa
    dns
    71 B
     157 B
     1
    1

    DNS Request

    69.31.126.40.in-addr.arpa

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    167.173.78.104.in-addr.arpa
    dns
    73 B
     139 B
     1
    1

    DNS Request

    167.173.78.104.in-addr.arpa

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     160 B
     2
    1

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    53.210.109.20.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    53.210.109.20.in-addr.arpa

  • 8.8.8.8:53
    172.210.232.199.in-addr.arpa
    dns
    74 B
     128 B
     1
    1

    DNS Request

    172.210.232.199.in-addr.arpa

  • 8.8.8.8:53
    206.23.85.13.in-addr.arpa
    dns
    71 B
     145 B
     1
    1

    DNS Request

    206.23.85.13.in-addr.arpa

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    23.236.111.52.in-addr.arpa
    dns
    72 B
     158 B
     1
    1

    DNS Request

    23.236.111.52.in-addr.arpa

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    67 B
     160 B
     1
    1

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    175.117.168.52.in-addr.arpa
    dns
    73 B
     147 B
     1
    1

    DNS Request

    175.117.168.52.in-addr.arpa

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

  • 8.8.8.8:53
    shnf-47787.portmap.io
    dns
    KLwC6vii.exe
    134 B
     320 B
     2
    2

    DNS Request

    shnf-47787.portmap.io

    DNS Request

    shnf-47787.portmap.io

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2908-0-0x00007FF90FC55000-0x00007FF90FC56000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2908-2-0x000000001BBA0000-0x000000001C06E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2908-1-0x00007FF90F9A0000-0x00007FF910341000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2908-3-0x000000001B5C0000-0x000000001B666000-memory.dmp

    Filesize

    664KB

    Download

  • memory/2908-4-0x000000001C0E0000-0x000000001C142000-memory.dmp

    Filesize

    392KB

    Download

  • memory/2908-5-0x00007FF90F9A0000-0x00007FF910341000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2908-6-0x000000001C9F0000-0x000000001CA8C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2908-7-0x00007FF90FC55000-0x00007FF90FC56000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2908-8-0x00007FF90F9A0000-0x00007FF910341000-memory.dmp

    Filesize

    9.6MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.