Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:55201 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:59293 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:58723 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:51971 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:56591 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:60350 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:51748 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:61116 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:50958 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:61607 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037937 ET TROJAN Woody RAT CnC Domain (microsoft-ru-data .ru) in DNS Lookup 192.168.2.6:56550 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:52858 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:59871 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:51194 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:54015 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:58689 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:53049 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:63104 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:65367 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:57669 -> 8.8.8.8:53 |
Source: Traffic | Snort IDS: 2037938 ET TROJAN Woody RAT CnC Domain (fns77 .ru) in DNS Lookup 192.168.2.6:55788 -> 8.8.8.8:53 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49788 |
Source: unknown | Network traffic detected: HTTP traffic on port 49817 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49820 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49785 |
Source: unknown | Network traffic detected: HTTP traffic on port 49766 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49785 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49769 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49807 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49819 |
Source: unknown | Network traffic detected: HTTP traffic on port 49799 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49810 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49817 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49815 |
Source: unknown | Network traffic detected: HTTP traffic on port 49791 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49814 |
Source: unknown | Network traffic detected: HTTP traffic on port 49881 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49857 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49812 |
Source: unknown | Network traffic detected: HTTP traffic on port 49885 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49772 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49810 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49774 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49773 |
Source: unknown | Network traffic detected: HTTP traffic on port 49820 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49772 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49771 |
Source: unknown | Network traffic detected: HTTP traffic on port 49812 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49770 |
Source: unknown | Network traffic detected: HTTP traffic on port 49788 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49763 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49876 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49809 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49807 |
Source: unknown | Network traffic detected: HTTP traffic on port 49882 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49773 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49886 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49769 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49768 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49801 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49766 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49843 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49887 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49765 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49886 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49764 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49885 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49763 |
Source: unknown | Network traffic detected: HTTP traffic on port 49819 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49883 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49882 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49881 |
Source: unknown | Network traffic detected: HTTP traffic on port 49815 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49857 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49764 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49770 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49801 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49797 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49809 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49883 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49774 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49887 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49799 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49832 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49876 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49797 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49796 |
Source: unknown | Network traffic detected: HTTP traffic on port 49843 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49814 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49791 |
Source: unknown | Network traffic detected: HTTP traffic on port 49765 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49768 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49796 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49825 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 49832 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49825 |
Source: unknown | Network traffic detected: HTTP traffic on port 49867 -> 443 |
Source: unknown | Network traffic detected: HTTP traffic on port 443 -> 49867 |
Source: unknown | Network traffic detected: HTTP traffic on port 49771 -> 443 |
Source: zwM7Oe2e1l.exe, 00000002.00000003.504283286.000001F180265000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504433768.000001F180285000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584696071.000001F180285000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000002.627384501.000001F180264000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530200851.000001F180264000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.557947549.000001F180277000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476972337.000001F180283000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530234039.000001F180277000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476900660.000001F180264000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449641977.000001F180283000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584591844.000001F180264000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000002.627482009.000001F18027B000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.557786417.000001F180264000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449602137.000001F180260000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.399547079.000001F180280000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.422978366.000001F180281000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504420886.000001F18027C000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584630455.000001F180277000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/ |
Source: zwM7Oe2e1l.exe, 00000002.00000003.584696071.000001F180285000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584630455.000001F180277000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/d |
Source: zwM7Oe2e1l.exe, 00000002.00000003.504433768.000001F180285000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476972337.000001F180283000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530234039.000001F180277000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504420886.000001F18027C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/e |
Source: zwM7Oe2e1l.exe, 00000002.00000003.557772748.000001F180261000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530234039.000001F180277000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504276141.000001F180261000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476801924.000001F180237000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530110478.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476883519.000001F180261000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449653886.000001F18027F000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584585700.000001F180261000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000002.627247814.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530193276.000001F180260000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449602137.000001F180260000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449519735.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.399547079.000001F180280000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.422978366.000001F180281000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504027968.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584550699.000001F180237000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476964147.000001F18027B000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449633913.000001F18027B000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000002.627020793.000001F1801EB000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504420886.000001F18027C000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584630455.000001F180277000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/knock |
Source: zwM7Oe2e1l.exe, 00000002.00000003.584585700.000001F180261000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/knock)0O |
Source: zwM7Oe2e1l.exe, 00000002.00000003.449653886.000001F18027F000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449633913.000001F18027B000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/knock?. |
Source: zwM7Oe2e1l.exe, 00000002.00000002.627362850.000001F180260000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/knockC3 |
Source: zwM7Oe2e1l.exe, 00000002.00000002.627247814.000001F180235000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/knockKkz |
Source: zwM7Oe2e1l.exe, 00000002.00000003.422978366.000001F180281000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/knockq |
Source: zwM7Oe2e1l.exe, 00000002.00000003.504420886.000001F18027C000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/knockr |
Source: zwM7Oe2e1l.exe, 00000002.00000003.557540751.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584696071.000001F180285000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.557947549.000001F180277000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476801924.000001F180237000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530110478.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000002.627247814.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.449519735.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504027968.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584550699.000001F180237000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584630455.000001F180277000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru/m |
Source: zwM7Oe2e1l.exe, 00000002.00000003.449602137.000001F180260000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476939167.000001F180268000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504317321.000001F180268000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584598044.000001F180268000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530208861.000001F180268000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://fns77.ru:443/knockxGO6 |
Source: zwM7Oe2e1l.exe, 00000002.00000003.364691804.000001F180245000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000002.627020793.000001F1801EB000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.369036380.000001F180264000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370920493.000001F180275000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/ |
Source: zwM7Oe2e1l.exe, 00000002.00000003.367111100.000001F180247000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/6 |
Source: zwM7Oe2e1l.exe, 00000002.00000003.367111100.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.369408265.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.366618138.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370201861.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.371162191.000001F180247000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/Y |
Source: zwM7Oe2e1l.exe, 00000002.00000003.369408265.000001F180247000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/ck |
Source: zwM7Oe2e1l.exe, 00000002.00000003.365233268.000001F180247000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/ckW |
Source: zwM7Oe2e1l.exe, 00000002.00000003.366094915.000001F180247000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/ckZ |
Source: zwM7Oe2e1l.exe, 00000002.00000003.367781850.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.371141170.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.365233268.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.366085455.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.363930144.000001F180242000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370610227.000001F180278000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.365226384.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370146613.000001F180278000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.367767742.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.366094915.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370181710.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.369088197.000001F180278000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.368622773.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.367097339.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370920493.000001F180275000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knock |
Source: zwM7Oe2e1l.exe, 00000002.00000003.365226384.000001F180235000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knock#f1 |
Source: zwM7Oe2e1l.exe, 00000002.00000003.371379761.000001F180275000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370920493.000001F180275000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knock%) |
Source: zwM7Oe2e1l.exe, 00000002.00000003.364275197.000001F180242000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knockW |
Source: zwM7Oe2e1l.exe, 00000002.00000003.364275197.000001F180242000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knockZ |
Source: zwM7Oe2e1l.exe, 00000002.00000003.368713421.000001F180247000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knockc |
Source: zwM7Oe2e1l.exe, 00000002.00000003.369394137.000001F180235000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.367767742.000001F180235000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knockd |
Source: zwM7Oe2e1l.exe, 00000002.00000003.366085455.000001F180235000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knocke |
Source: zwM7Oe2e1l.exe, 00000002.00000003.369320038.000001F180278000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.369901342.000001F180278000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370610227.000001F180278000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370146613.000001F180278000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.370920493.000001F180275000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/knocks) |
Source: zwM7Oe2e1l.exe, 00000002.00000002.627020793.000001F1801EB000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/l |
Source: zwM7Oe2e1l.exe, 00000002.00000003.369408265.000001F180247000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.368713421.000001F180247000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/r |
Source: zwM7Oe2e1l.exe, 00000002.00000003.363930144.000001F180242000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.364275197.000001F180242000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.364691804.000001F180245000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru/x |
Source: zwM7Oe2e1l.exe, 00000002.00000003.366020901.000001F180265000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.366905937.000001F180268000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.366530703.000001F180265000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://microsoft-ru-data.ru:443/knock |
Source: zwM7Oe2e1l.exe, 00000002.00000003.449602137.000001F180260000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.476939167.000001F180268000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.504317321.000001F180268000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.584598044.000001F180268000.00000004.00000020.00020000.00000000.sdmp, zwM7Oe2e1l.exe, 00000002.00000003.530208861.000001F180268000.00000004.00000020.00020000.00000000.sdmp | String found in binary or memory: https://mis77.ru/ |