ChrisTitusTech_debloatWin10_elQueAnda[.]rar | Triage

Submit
Reports

Overview

overview

Static

static

ChrisTitus...rch.sh

ubuntu-18.04-amd64

8

ChrisTitus...rch.sh

debian-9-armhf

8

ChrisTitus...rch.sh

debian-9-mips

8

ChrisTitus...rch.sh

debian-9-mipsel

8

ChrisTitus...deb.sh

ubuntu-18.04-amd64

7

ChrisTitus...deb.sh

debian-9-armhf

5

ChrisTitus...deb.sh

debian-9-mips

5

ChrisTitus...deb.sh

debian-9-mipsel

5

ChrisTitus...it.ps1

windows7-x64

1

ChrisTitus...it.ps1

windows10-2004-x64

1

ChrisTitus...on.ps1

windows7-x64

1

ChrisTitus...on.ps1

windows10-2004-x64

1

ChrisTitus...ds.ps1

windows7-x64

8

ChrisTitus...ds.ps1

windows10-2004-x64

8

ChrisTitus...os.ps1

windows7-x64

8

ChrisTitus...os.ps1

windows10-2004-x64

8

ChrisTitus...py.ps1

windows7-x64

1

ChrisTitus...py.ps1

windows10-2004-x64

1

ChrisTitus...or.cmd

windows7-x64

1

ChrisTitus...or.cmd

windows10-2004-x64

1

ChrisTitus...at.ps1

windows7-x64

ChrisTitus...at.ps1

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/arch.sh

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/arch.sh

Resource

debian9-armhf-20221111-en

debian-9-armhf

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/arch.sh

Resource

debian9-mipsbe-en-20211208

debian-9-mips

5 signatures

150 seconds

Behavioral task

behavioral4

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/arch.sh

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/deb.sh

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/deb.sh

Resource

debian9-armhf-20221111-en

debian-9-armhf

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/deb.sh

Resource

debian9-mipsbe-en-20211208

debian-9-mips

1 signatures

150 seconds

Behavioral task

behavioral8

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/deb.sh

Resource

debian9-mipsel-20221111-en

debian-9-mipsel

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/vm-gpusplit.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/vm-gpusplit.ps1

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/vm-setresolution.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/vm-setresolution.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral13

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/block-ads.ps1

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/block-ads.ps1

Resource

win10v2004-20221111-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/block-eos.ps1

Resource

win7-20221111-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/block-eos.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral17

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/robocopy.ps1

Resource

win7-20220812-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/robocopy.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/spotlightimageextractor.cmd

Resource

win7-20221111-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/spotlightimageextractor.cmd

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral21

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/old-win10debloat.ps1

Resource

win7-20220812-en

discovery evasion ransomware

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral22

Sample

ChrisTitusTech_debloatWin10_elQueAnda/cttscript/old-win10debloat.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

General

Target

ChrisTitusTech_debloatWin10_elQueAnda.rar
Size

83KB
MD5

02edf6674f87c78de097b9bbec4fb74e
SHA1

ae086d17f9906260474f5919b5a0d7729c90f7da
SHA256

33c21bf2e0c7f058fc2d76c9fa41e7fa203b1793b45ea61fec551186998f709a
SHA512

a83f4c3a21dee408cfae4c1964db29bc464995a1304328c1156ff3c2bdf77bf40357961dec516a52e1907316e7e3732d8fad829bfbff89f8ea86bce23bb8ddaf
SSDEEP

1536:ZKA5zeRLNS8s1Z426C/yqa9AO1HaskNc0BHofR4Xva85RovZ3zn66wVLQ8V0oi:ZKAluLQ8s1Z4rC/jazuNtBHoRYyCRovF

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://raw.githubusercontent.com/ChrisTitusTech/win10script/master/ooshutup10.cfg

exe.dropper

https://dl5.oo-software.com/files/ooshutup10/OOSU10.exe

Signatures

Files

ChrisTitusTech_debloatWin10_elQueAnda.rar
.rar
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/.DS_Store
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/.gitignore
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/arch.sh
.sh linux
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/deb.sh
.sh linux
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/vm-gpusplit.ps1
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/HyperV Tools/vm-setresolution.ps1
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/.DS_Store
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/block-ads.ps1
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/block-eos.ps1
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/robocopy.ps1
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/Individual Scripts/spotlightimageextractor.cmd
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/LICENSE
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/README.TXT
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/old-win10debloat.ps1
.ps1
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/ooshutup10.cfg
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/security-updates-only.reg
ChrisTitusTech_debloatWin10_elQueAnda/cttscript/titus-toolbox.png
.png

© 2018-2025

Terms | Privacy