General

  • Target

    Release.zip

  • Size

    26.1MB

  • Sample

    230122-27wckaab42

  • MD5

    eac1932340aa130a1518c0c0e04263c4

  • SHA1

    f70c37800cb019b1f54396cea93011103f8ab9d8

  • SHA256

    cda7f196f046729d8b4b2c2a818616dc0e33b1be2877b8e7f3d9086c3b364f47

  • SHA512

    e192541581df0787810fc28a5282b7ad712da544f4eb9f81ce2157741601084cc1967aa27da6cfd81a4363f94ce8c50df83d668f1e397e0bd92cfc49a57e7d5d

  • SSDEEP

    786432:vjXZs0olju0dBG20WTV9NB2GdSyOeOOKZ8+10:Tq0q7GQ/B2KSyOVe

Score
10/10

Malware Config

Extracted

Family

netwire

C2

hazbot.duckdns.org:3360

Attributes
  • activex_autorun

    false

  • copy_executable

    true

  • delete_original

    true

  • host_id

    HostId-%Rand%

  • install_path

    %AppData%\Install\Host.exe

  • keylogger_dir

    %AppData%\Logs\

  • lock_executable

    true

  • mutex

    fYGiNfhu

  • offline_keylogger

    true

  • password

    Hazza2021!

  • registry_autorun

    true

  • startup_name

    NetWire

  • use_mutex

    true

Targets

    • Target

      AForge.Video.DirectShow.dll

    • Size

      60KB

    Score
    1/10
    • Target

      AForge.Video.dll

    • Size

      20KB

    Score
    1/10
    • Target

      Be.Windows.Forms.HexBox.dll

    • Size

      84KB

    Score
    1/10
    • Target

      CSCore.dll

    • Size

      519KB

    Score
    1/10
    • Target

      DirectoryInfoEx.dll

    • Size

      224KB

    Score
    1/10
    • Target

      Exceptionless.Signed.dll

    • Size

      734KB

    Score
    1/10
    • Target

      Exceptionless.Wpf.Signed.dll

    • Size

      26KB

    Score
    1/10
    • Target

      FluentCommandLineParser.dll

    • Size

      43KB

    Score
    1/10
    • Target

      GongSolutions.WPF.DragDrop.dll

    • Size

      84KB

    Score
    1/10
    • Target

      ICSharpCode.AvalonEdit.dll

    • Size

      604KB

    Score
    1/10
    • Target

      ICSharpCode.SharpZipLib.dll

    • Size

      196KB

    Score
    1/10
    • Target

      Lidgren.Network.dll

    • Size

      117KB

    Score
    1/10
    • Target

      MahApps.Metro.IconPacks.Material.dll

    • Size

      1.1MB

    Score
    1/10
    • Target

      MahApps.Metro.dll

    • Size

      1020KB

    Score
    1/10
    • Target

      Microsoft.Threading.Tasks.dll

    • Size

      36KB

    Score
    1/10
    • Target

      Mono.Cecil.dll

    • Size

      263KB

    Score
    1/10
    • Target

      NLog.dll

    • Size

      857KB

    Score
    1/10
    • Target

      Newtonsoft.Json.dll

    • Size

      685KB

    Score
    1/10
    • Target

      Ookii.Dialogs.Wpf.dll

    • Size

      100KB

    Score
    1/10
    • Target

      OpusWrapper.dll

    • Size

      843KB

    Score
    1/10
    • Target

      Orcus.Administration.Commands.dll

    • Size

      173KB

    Score
    1/10
    • Target

      Orcus.Administration.Core.dll

    • Size

      178KB

    Score
    1/10
    • Target

      Orcus.Administration.FileExplorer.dll

    • Size

      108KB

    Score
    1/10
    • Target

      Orcus.Administration.Plugins.dll

    • Size

      36KB

    Score
    1/10
    • Target

      Orcus.Administration.Resources.dll

    • Size

      19.8MB

    Score
    1/10
    • Target

      Orcus.Administration.ViewModels.dll

    • Size

      514KB

    Score
    1/10
    • Target

      Orcus.Administration.exe

    • Size

      3.9MB

    Score
    1/10
    • Target

      Orcus.Administration.exe.config

    • Size

      1KB

    Score
    1/10
    • Target

      OxyPlot.dll

    • Size

      536KB

    Score
    1/10
    • Target

      SharpDX.DXGI.dll

    • Size

      125KB

    Score
    1/10
    • Target

      SharpDX.Direct3D9.dll

    • Size

      338KB

    Score
    1/10
    • Target

      ShellLibrary.dll

    • Size

      64KB

    Score
    1/10

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Modify Registry

1
T1112
