33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443

Analysis

max time kernel
122s
max time network
120s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Size

7.9MB
MD5

efeb18cb3559a77995618c8d419aee70
SHA1

031813582c485460d3a7ff185502f4cfc3842c2f
SHA256

33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443
SHA512

1dac843eaa518cbd988a4e8923aadf317e018b1ac872f528df799a6244afb9abbc4a62f492af78c1842d22e550da36466bdd383f06ff55e3e051fd930728fcca
SSDEEP

98304:CX9lzMRum1nuqyU7XtPCySwo47CctAWUmDrhyM4Znnf6vP/iq0iuWhiw0cEWaOLS:CX9lzMRum1nQUztPClmtPqq0iZinWpM

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 2 IoCs

Processes:

MsiExec.exe

pid process

2692 MsiExec.exe
2692 MsiExec.exe

pid	process
2692	MsiExec.exe
2692	MsiExec.exe

Enumerates connected drives 3 TTPs 64 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

msiexec.exe33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exemsiexec.exe

description	ioc	process
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\W:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\S:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\M:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\B:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\U:	msiexec.exe
File opened (read-only)	\??\W:	msiexec.exe
File opened (read-only)	\??\L:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\Y:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\X:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\E:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\R:	msiexec.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\H:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\X:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\H:	msiexec.exe
File opened (read-only)	\??\I:	msiexec.exe
File opened (read-only)	\??\J:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\M:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\V:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\J:	msiexec.exe
File opened (read-only)	\??\L:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\I:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\O:	msiexec.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\Z:	msiexec.exe
File opened (read-only)	\??\K:	msiexec.exe
File opened (read-only)	\??\Y:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\P:	msiexec.exe
File opened (read-only)	\??\N:	msiexec.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\E:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\G:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\T:	msiexec.exe
File opened (read-only)	\??\A:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\V:	msiexec.exe
File opened (read-only)	\??\K:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\O:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\U:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\N:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\T:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\A:	msiexec.exe
File opened (read-only)	\??\S:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\G:	msiexec.exe
File opened (read-only)	\??\Q:	msiexec.exe
File opened (read-only)	\??\B:	msiexec.exe
File opened (read-only)	\??\R:	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
File opened (read-only)	\??\M:	msiexec.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

msiexec.exe33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe

description	pid	process
Token: SeRestorePrivilege	2760	msiexec.exe
Token: SeTakeOwnershipPrivilege	2760	msiexec.exe
Token: SeSecurityPrivilege	2760	msiexec.exe
Token: SeCreateTokenPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeAssignPrimaryTokenPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeLockMemoryPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeIncreaseQuotaPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeMachineAccountPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeTcbPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSecurityPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeTakeOwnershipPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeLoadDriverPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSystemProfilePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSystemtimePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeProfSingleProcessPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeIncBasePriorityPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreatePagefilePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreatePermanentPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeBackupPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeRestorePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeShutdownPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeDebugPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeAuditPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSystemEnvironmentPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeChangeNotifyPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeRemoteShutdownPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeUndockPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSyncAgentPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeEnableDelegationPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeManageVolumePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeImpersonatePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreateGlobalPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreateTokenPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeAssignPrimaryTokenPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeLockMemoryPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeIncreaseQuotaPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeMachineAccountPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeTcbPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSecurityPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeTakeOwnershipPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeLoadDriverPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSystemProfilePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSystemtimePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeProfSingleProcessPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeIncBasePriorityPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreatePagefilePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreatePermanentPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeBackupPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeRestorePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeShutdownPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeDebugPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeAuditPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSystemEnvironmentPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeChangeNotifyPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeRemoteShutdownPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeUndockPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeSyncAgentPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeEnableDelegationPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeManageVolumePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeImpersonatePrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreateGlobalPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeCreateTokenPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeAssignPrimaryTokenPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
Token: SeLockMemoryPrivilege	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe

Suspicious use of FindShellTrayWindow 3 IoCs

Processes:

33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exemsiexec.exe

pid process

2488 33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
3016 msiexec.exe
3016 msiexec.exe

pid	process
2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
3016	msiexec.exe
3016	msiexec.exe

Suspicious use of WriteProcessMemory 17 IoCs

Processes:

msiexec.exe33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe

description	pid	process	target process
PID 2760 wrote to memory of 2692	2760	msiexec.exe	MsiExec.exe
PID 2760 wrote to memory of 2692	2760	msiexec.exe	MsiExec.exe
PID 2760 wrote to memory of 2692	2760	msiexec.exe	MsiExec.exe
PID 2760 wrote to memory of 2692	2760	msiexec.exe	MsiExec.exe
PID 2760 wrote to memory of 2692	2760	msiexec.exe	MsiExec.exe
PID 2760 wrote to memory of 2692	2760	msiexec.exe	MsiExec.exe
PID 2760 wrote to memory of 2692	2760	msiexec.exe	MsiExec.exe
PID 2488 wrote to memory of 3016	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe	msiexec.exe
PID 2488 wrote to memory of 3016	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe	msiexec.exe
PID 2488 wrote to memory of 3016	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe	msiexec.exe
PID 2488 wrote to memory of 3016	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe	msiexec.exe
PID 2488 wrote to memory of 3016	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe	msiexec.exe
PID 2488 wrote to memory of 3016	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe	msiexec.exe
PID 2488 wrote to memory of 3016	2488	33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe	msiexec.exe
PID 2760 wrote to memory of 3044	2760	msiexec.exe	WerFault.exe
PID 2760 wrote to memory of 3044	2760	msiexec.exe	WerFault.exe
PID 2760 wrote to memory of 3044	2760	msiexec.exe	WerFault.exe

Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Users\Admin\AppData\Local\Temp\33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe"
1⤵
- Enumerates connected drives
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:2488

C:\Windows\SysWOW64\msiexec.exe
"C:\Windows\system32\msiexec.exe" /i "C:\Users\Admin\AppData\Roaming\Your Company\Your Application 1.0.0\install\Your Application.msi" AI_SETUPEXEPATH=C:\Users\Admin\AppData\Local\Temp\33270120b823cc225606147457f6d086d97b5864450f16546982626902e46443_NeikiAnalytics.exe SETUPEXEDIR=C:\Users\Admin\AppData\Local\Temp\ EXE_CMD_LINE="/exenoupdates /forcecleanup /wintime 1719546219 "
2⤵
- Enumerates connected drives
- Suspicious use of FindShellTrayWindow
PID:3016

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
- Enumerates connected drives
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:2760

C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding B6C9334699919FD420047603C14DF4F1 C
2⤵
- Loads dropped DLL
PID:2692

C:\Windows\system32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 2760 -s 876
2⤵
PID:3044

C:\Windows\system32\vssvc.exe
C:\Windows\system32\vssvc.exe
1⤵
PID:2704

C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
1⤵
PID:332

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\MSIB95.tmp
Filesize
819KB

MD5
3604517a3e6e69ba339239cf82fc94a5

SHA1
c4757e31f9c8a90ee5de233792da71c8915050c5

SHA256
bdd1d14c9cb54b19f6a7f37adbc7537ce8fd2f6fa59a74a4a90b08c7979708d2

SHA512
c22ffc410886fae221dfee6ab469e44694f87cecce14d505a059f5fe01c1b4e1ad93c15b78c7623e821a37737491e89c627ddae5d03c407a877835ab6d611619

Download Submit
C:\Users\Admin\AppData\Local\Temp\MSICFD.tmp
Filesize
1.1MB

MD5
cc048c7aadc4adf3a29d429f1f5eead0

SHA1
6b4d89df901427fe955be2d58ad91a6de30be9d6

SHA256
d23c6ac751423ff6961694437e67d7b608102bd351e3e0cd10d34d026a1a08ca

SHA512
0e67c0a4db70e19ead49f6c0fd41045f3fd9ee688d75a6da2916e347b70783843fa0e3d6cfc2b0bcd5e16a6045ba27707dff655556ebc725c126082e45cee2fa

Download Submit
C:\Users\Admin\AppData\Roaming\Your Company\Your Application 1.0.0\install\Your Application.msi
Filesize
4.1MB

MD5
c6f2c182d1946aa7c29ec6861fbf168f

SHA1
f1f8b2e65d8581f966b577c5ff22a3af081d3994

SHA256
6688cc74e524b2b68fae49e66d0e2c718e7d01e591883530bbe32e00d6d93392

SHA512
eca4e43c79812578787f68ac912ca863356e0e3a16580d967b3eeaacfef32c53832b05acb57d0da61b55f75f241fe172faad4cc28a75b51383ffff7ca6a214f8

Download Submit
memory/2488-0-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads