Resubmissions
31/03/2025, 01:21
250331-bqtvaszyhx 1031/03/2025, 01:18
250331-bn4xgszydt 1031/03/2025, 01:17
250331-bnwwwasqv7 1029/03/2025, 14:30
250329-rveh6swqw4 10Analysis
-
max time kernel
295s -
max time network
296s -
platform
windows10-2004_x64 -
resource
win10v2004-20250314-en -
resource tags
-
submitted
29/03/2025, 14:30
General
-
Target
jjexploer.exe
-
Size
25KB
-
MD5
48f18e8a6a3f9b0f948b0e11e736f9e5
-
SHA1
643cec64499163563d018edbece54075c13e7cc3
-
SHA256
8e9b72f5c85f33855d55ba43828a9eb6747a20c269fd2f0a3e8e79927adcc644
-
SHA512
110a9e9bae0e4d527c6f8e5c9958aff8a13db398f0b18a727e28d69fa30d0bd759033f8efcbb59b11c2c1816b2cb17c43b7453244a198c217aa48cced0088d7b
-
SSDEEP
768:svpoyEEfxcQ4UBPq9lzcdaxfvM/r7yPV6U6m:QoyhuLUIjzgCfvM/r7yH6m
Score
10/10
Malware Config
Extracted
Family
njrat
Version
Njrat 0.7 Golden By Hassan Amiri
Botnet
svhost.exe
C2
animal-premium.gl.at.ply.gg:16843
Mutex
Update
Attributes
-
reg_key
Update
-
splitter
|Hassan|
Signatures
-
Njrat family
-
njRAT/Bladabindi
Widely used RAT written in .NET.
-
Checks computer location settings 2 TTPs 1 IoCs
Looks up country code configured in the registry, likely geofence.
-
Drops startup file 2 IoCs
-
Executes dropped EXE 3 IoCs
-
Adds Run key to start application 2 TTPs 2 IoCs
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Scheduled Task/Job: Scheduled Task 1 TTPs 1 IoCs
Schtasks is often used by malware for persistence or to perform post-infection execution.
-
Suspicious behavior: GetForegroundWindowSpam 4 IoCs
-
Suspicious use of WriteProcessMemory 8 IoCs
-
Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
Processes
-
C:\Users\Admin\AppData\Local\Temp\jjexploer.exe"C:\Users\Admin\AppData\Local\Temp\jjexploer.exe"1⤵
- Checks computer location settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Roaming\Dllhost.exe"C:\Users\Admin\AppData\Roaming\Dllhost.exe"2⤵
- Drops startup file
- Executes dropped EXE
- Adds Run key to start application
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of WriteProcessMemory
-
C:\Windows\SYSTEM32\schtasks.exeschtasks /create /sc minute /mo 1 /tn Server /tr C:\Users\Admin\AppData\Local\Temp/Server.exe3⤵
- Scheduled Task/Job: Scheduled Task
-
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\Server.exeC:\Users\Admin\AppData\Local\Temp/Server.exe1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Users\Admin\AppData\Local\Temp\Server.exeC:\Users\Admin\AppData\Local\Temp/Server.exe1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Users\Admin\AppData\Roaming\Dllhost.exeC:\Users\Admin\AppData\Roaming\Dllhost.exe ..2⤵
-
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Roaming\Dllhost.exe" ..1⤵
Network
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1KB
MD5a8a147915e3a996fdbe10b3a3f1e1bb2
SHA1abc564c1be468d57e700913e7b6cf8f62d421263
SHA2568b96a8557deea66696837af011843d6a82451ba57c8f9b5a2726a70818d6fc7e
SHA51217b42f17ef60a9f625703172763f692e5ed2ca93564a97853dfa72bb0ac6305ef3267aea0b205938e3aa8eac10156d9d4f322b30d0329d92d647bcec6372731c
-
Filesize
25KB
MD548f18e8a6a3f9b0f948b0e11e736f9e5
SHA1643cec64499163563d018edbece54075c13e7cc3
SHA2568e9b72f5c85f33855d55ba43828a9eb6747a20c269fd2f0a3e8e79927adcc644
SHA512110a9e9bae0e4d527c6f8e5c9958aff8a13db398f0b18a727e28d69fa30d0bd759033f8efcbb59b11c2c1816b2cb17c43b7453244a198c217aa48cced0088d7b
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
10.8MB
-
Filesize
10.8MB
-
Filesize
10.8MB
-
Filesize
10.8MB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
10.8MB
-
Filesize
10.8MB
-
Filesize
72KB
-
Filesize
10.8MB
-
Filesize
32KB
-
Filesize
8KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB
-
Filesize
72KB