Source: global traffic |
HTTP traffic detected: POST /rofl/admin HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Host: javaforyouedu.in Content-Length: 538 Connection: Keep-Alive Cache-Control: no-cache |
Source: global traffic |
HTTP traffic detected: POST /rofl/admin HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 Host: javaforyouedu.in Content-Length: 96 Connection: Keep-Alive Cache-Control: no-cache |
Source: rundll32.exe, 00000003.00000002.4122414649.000001CDED202000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000003.00000003.2024553634.000001CDED19F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000003.00000002.4122414649.000001CDED19F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000003.00000003.2337575131.000001CDED19F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000003.00000003.2337575131.000001CDED207000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.4122385364.000001FB0D930000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.3711576277.000001FB0D930000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.2640820421.000001FB0D995000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.2024250096.000001FB0D935000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.2336710000.000001FB0D995000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000003.3122503909.000001E8C6CB6000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000002.4122196214.000001E8C6CB6000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000002.4122196214.000001E8C6C56000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000003.3851106609.000001E8C6CB6000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000003.3597962223.000001E8C6CB6000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000003.3385284343.000001E8C6CB6000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://javaforyouedu.in/ |
Source: rundll32.exe, 00000005.00000002.4122196214.000001E8C6C85000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000002.4122196214.000001E8C6C8B000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000003.2483934674.000001E8C6CB6000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000003.3385284343.000001E8C6CB6000.00000004.00000020.00020000.00000000.sdmp |
String found in binary or memory: https://javaforyouedu.in/rofl/admin |
Source: unknown |
Process created: C:\Windows\System32\loaddll64.exe loaddll64.exe "C:\Users\user\Desktop\IMS64.dll.dll" |
|
Source: C:\Windows\System32\loaddll64.exe |
Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
|
Source: C:\Windows\System32\loaddll64.exe |
Process created: C:\Windows\System32\cmd.exe cmd.exe /C rundll32.exe "C:\Users\user\Desktop\IMS64.dll.dll",#1 |
|
Source: C:\Windows\System32\loaddll64.exe |
Process created: C:\Windows\System32\rundll32.exe rundll32.exe C:\Users\user\Desktop\IMS64.dll.dll,main |
|
Source: C:\Windows\System32\cmd.exe |
Process created: C:\Windows\System32\rundll32.exe rundll32.exe "C:\Users\user\Desktop\IMS64.dll.dll",#1 |
|
Source: C:\Windows\System32\loaddll64.exe |
Process created: C:\Windows\System32\rundll32.exe rundll32.exe "C:\Users\user\Desktop\IMS64.dll.dll",main |
|
Source: C:\Windows\System32\rundll32.exe |
Process information set: NOOPENFILEERRORBOX |
Source: rundll32.exe, 00000003.00000002.4122414649.000001CDED148000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000003.00000003.2024553634.000001CDED19F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000003.00000002.4122414649.000001CDED19F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000003.00000003.2337575131.000001CDED19F000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.4122385364.000001FB0D930000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.3711576277.000001FB0D930000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000003.2024250096.000001FB0D935000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000004.00000002.4122385364.000001FB0D8D8000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000002.4122196214.000001E8C6C56000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000002.4122196214.000001E8C6BEF000.00000004.00000020.00020000.00000000.sdmp, rundll32.exe, 00000005.00000002.4122196214.000001E8C6C3D000.00000004.00000020.00020000.00000000.sdmp |
Binary or memory string: Hyper-V RAW |