acd81ee9a2774dfc08e99f544a73264b[.]bin

acd81ee9a2774dfc08e99f544a73264b.bin

.zip

Password: infected

a5c6570b63638c3b920cf6542587227ddf9ed77d3e372de1308c4dcc77b91087.zip

.zip

Password: infected

.local/.threat_dragon/.git/HEAD

.local/.threat_dragon/.git/config

.local/.threat_dragon/.git/description

.local/.threat_dragon/.git/index

.local/.threat_dragon/.git/packed-refs

.local/.threat_dragon/.gitattributes

.local/.threat_dragon/.gitignore

.local/.threat_dragon/.jshintignore

.local/.threat_dragon/.jshintrc

.local/.threat_dragon/.snyk

.local/.threat_dragon/.travis.yml

.local/.threat_dragon/LICENSE.txt

.local/.threat_dragon/README.md

.local/.threat_dragon/app/app.js

.js

.local/.threat_dragon/app/config.autoupdate.js

.js

.local/.threat_dragon/app/config.exceptionHandler.js

.js

.local/.threat_dragon/app/config.route.js

.js

.local/.threat_dragon/app/layout/index.js

.js

.local/.threat_dragon/app/layout/shell.html

.local/.threat_dragon/app/layout/shell.js

.js

.local/.threat_dragon/app/layout/update.html

.local/.threat_dragon/app/services/datacontext.js

.js

.local/.threat_dragon/app/services/datacontextdemo.js

.js

.local/.threat_dragon/app/services/electron.js

.js

.local/.threat_dragon/app/services/index.js

.js

.local/.threat_dragon/app/services/threatmodellocator.js

.js

.local/.threat_dragon/app/threatmodels/desktopreport.html

.local/.threat_dragon/app/threatmodels/desktopreport.js

.js

.local/.threat_dragon/app/threatmodels/index.js

.js

.local/.threat_dragon/app/welcome/index.js

.js

.local/.threat_dragon/app/welcome/welcome.html

.local/.threat_dragon/app/welcome/welcome.js

.js

.local/.threat_dragon/config/squirrel.js

.js

.local/.threat_dragon/content/app.css

.local/.threat_dragon/content/bootstrap-custom.css

.local/.threat_dragon/content/bootstrap-theme.css

.local/.threat_dragon/content/icons/icon.icns

.local/.threat_dragon/content/icons/icon.ico

.local/.threat_dragon/content/icons/png/1024x1024.gif

.gif

.local/.threat_dragon/content/icons/png/1024x1024.png

.png

.local/.threat_dragon/content/icons/png/128x128.png

.png

.local/.threat_dragon/content/icons/png/16x16.png

.png

.local/.threat_dragon/content/icons/png/24x24.png

.png

.local/.threat_dragon/content/icons/png/256x256.png

.png

.local/.threat_dragon/content/icons/png/32x32.png

.png

.local/.threat_dragon/content/icons/png/48x48.png

.png

.local/.threat_dragon/content/icons/png/512x512.png

.png

.local/.threat_dragon/content/icons/png/64x64.png

.png

.local/.threat_dragon/content/icons/png/96x96.png

.png

.local/.threat_dragon/content/icons/png/cupcakes-installing.gif

.gif

.local/.threat_dragon/content/icons/win/td.ico

.local/.threat_dragon/content/images/threatdragon.ico

.local/.threat_dragon/content/images/threatdragon_logo_image.svg

.local/.threat_dragon/content/images/thumbnail.jpg

.jpg

.local/.threat_dragon/content/threatdragon.css

.local/.threat_dragon/content/threatdragon.min.css

.local/.threat_dragon/content/ubuntu.css

.local/.threat_dragon/electron-builder.json

.local/.threat_dragon/fonts/4iCs6KVjbNBYlgoKfw72.woff2

.local/.threat_dragon/fonts/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

.local/.threat_dragon/fonts/FontAwesome.otf

.local/.threat_dragon/fonts/fontawesome-webfont.eot

.local/.threat_dragon/fonts/fontawesome-webfont.svg

.xml

.local/.threat_dragon/fonts/fontawesome-webfont.ttf

.local/.threat_dragon/fonts/fontawesome-webfont.woff

.local/.threat_dragon/fonts/fontawesome-webfont.woff2

.local/.threat_dragon/fonts/glyphicons-halflings-regular.eot

.local/.threat_dragon/fonts/glyphicons-halflings-regular.svg

.xml

.local/.threat_dragon/fonts/glyphicons-halflings-regular.ttf

.local/.threat_dragon/fonts/glyphicons-halflings-regular.woff

.local/.threat_dragon/fonts/glyphicons-halflings-regular.woff2

.local/.threat_dragon/index.html

.html

.local/.threat_dragon/installer-lin.js

.js

.local/.threat_dragon/installer-osx.js

.js

.local/.threat_dragon/installer-win.js

.js

.local/.threat_dragon/karma.conf.js

.js

.local/.threat_dragon/main.js

.js

.local/.threat_dragon/package-lock.json

.local/.threat_dragon/package.json

.local/.threat_dragon/public/content/images/thumbnail.jpg

.jpg

.local/.threat_dragon/screenshots/diagram.PNG

.png

.local/.threat_dragon/screenshots/threat.PNG

.png

.local/.threat_dragon/screenshots/welcome.PNG

.png

.local/.threat_dragon/tests/specs/datacontext_spec.js

.js

.local/.threat_dragon/tests/specs/datacontextdemo_spec.js

.js

.local/.threat_dragon/tests/specs/desktopreport_spec.js

.js

.local/.threat_dragon/tests/specs/shell_spec.js

.js

.local/.threat_dragon/tests/specs/support/jasmin.json

.local/.threat_dragon/tests/specs/test.js

.js

.local/.threat_dragon/tests/specs/threatmodellocator_spec.js

.js

.local/.threat_dragon/tests/specs/welcome_spec.js

.js

.local/bin/normalizer

.sh linux

.local/certifi-2021.5.30.dist-info/INSTALLER

.local/certifi-2021.5.30.dist-info/LICENSE

.local/certifi-2021.5.30.dist-info/METADATA

.local/certifi-2021.5.30.dist-info/RECORD

.local/certifi-2021.5.30.dist-info/WHEEL

.local/certifi-2021.5.30.dist-info/top_level.txt

.local/certifi/__init__.py

.local/certifi/__main__.py

.local/certifi/__pycache__/__init__.cpython-38.pyc

.local/certifi/__pycache__/__main__.cpython-38.pyc

.local/certifi/__pycache__/core.cpython-38.pyc

.local/certifi/cacert.pem

.local/certifi/core.py

.local/charset_normalizer-2.0.3.dist-info/INSTALLER

.local/charset_normalizer-2.0.3.dist-info/LICENSE

.local/charset_normalizer-2.0.3.dist-info/METADATA

.local/charset_normalizer-2.0.3.dist-info/RECORD

.local/charset_normalizer-2.0.3.dist-info/WHEEL

.local/charset_normalizer-2.0.3.dist-info/entry_points.txt

.local/charset_normalizer-2.0.3.dist-info/top_level.txt

.local/charset_normalizer/__init__.py

.local/charset_normalizer/__pycache__/__init__.cpython-38.pyc

.local/charset_normalizer/__pycache__/api.cpython-38.pyc

.local/charset_normalizer/__pycache__/cd.cpython-38.pyc

.local/charset_normalizer/__pycache__/constant.cpython-38.pyc

.local/charset_normalizer/__pycache__/legacy.cpython-38.pyc

.local/charset_normalizer/__pycache__/md.cpython-38.pyc

.local/charset_normalizer/__pycache__/models.cpython-38.pyc

.local/charset_normalizer/__pycache__/utils.cpython-38.pyc

.local/charset_normalizer/__pycache__/version.cpython-38.pyc

.local/charset_normalizer/api.py

.local/charset_normalizer/assets/__init__.py

.local/charset_normalizer/assets/__pycache__/__init__.cpython-38.pyc

.local/charset_normalizer/cd.py

.local/charset_normalizer/cli/__pycache__/__init__.cpython-38.pyc

.local/charset_normalizer/cli/__pycache__/normalizer.cpython-38.pyc

.local/charset_normalizer/cli/normalizer.py

.local/charset_normalizer/constant.py

.local/charset_normalizer/legacy.py

.local/charset_normalizer/md.py

.local/charset_normalizer/models.py

.local/charset_normalizer/utils.py

.local/charset_normalizer/version.py

.local/idna-3.2.dist-info/INSTALLER

.local/idna-3.2.dist-info/LICENSE.md

.local/idna-3.2.dist-info/METADATA

.local/idna-3.2.dist-info/RECORD

.local/idna-3.2.dist-info/WHEEL

.local/idna-3.2.dist-info/top_level.txt

.local/idna/__init__.py

.local/idna/__pycache__/__init__.cpython-38.pyc

.local/idna/__pycache__/codec.cpython-38.pyc

.local/idna/__pycache__/compat.cpython-38.pyc

.local/idna/__pycache__/core.cpython-38.pyc

.local/idna/__pycache__/idnadata.cpython-38.pyc

.local/idna/__pycache__/intranges.cpython-38.pyc

.local/idna/__pycache__/package_data.cpython-38.pyc

.local/idna/__pycache__/uts46data.cpython-38.pyc

.local/idna/codec.py

.local/idna/compat.py

.local/idna/core.py

.local/idna/idnadata.py

.local/idna/intranges.py

.local/idna/package_data.py

.local/idna/uts46data.py

.local/requests-2.26.0.dist-info/INSTALLER

.local/requests-2.26.0.dist-info/LICENSE

.local/requests-2.26.0.dist-info/METADATA

.local/requests-2.26.0.dist-info/RECORD

.local/requests-2.26.0.dist-info/WHEEL

.local/requests-2.26.0.dist-info/top_level.txt

.local/requests/__init__.py

.local/requests/__pycache__/__init__.cpython-38.pyc

.local/requests/__pycache__/__version__.cpython-38.pyc

.local/requests/__pycache__/_internal_utils.cpython-38.pyc

.local/requests/__pycache__/adapters.cpython-38.pyc

.local/requests/__pycache__/api.cpython-38.pyc

.local/requests/__pycache__/auth.cpython-38.pyc

.local/requests/__pycache__/certs.cpython-38.pyc

.local/requests/__pycache__/compat.cpython-38.pyc

.local/requests/__pycache__/cookies.cpython-38.pyc

.local/requests/__pycache__/exceptions.cpython-38.pyc

.local/requests/__pycache__/help.cpython-38.pyc

.local/requests/__pycache__/hooks.cpython-38.pyc

.local/requests/__pycache__/models.cpython-38.pyc

.local/requests/__pycache__/packages.cpython-38.pyc

.local/requests/__pycache__/sessions.cpython-38.pyc

.local/requests/__pycache__/status_codes.cpython-38.pyc

.local/requests/__pycache__/structures.cpython-38.pyc

.local/requests/__pycache__/utils.cpython-38.pyc

.local/requests/__version__.py

.local/requests/_internal_utils.py

.local/requests/adapters.py

.local/requests/api.py

.local/requests/auth.py

.local/requests/certs.py

.py .sh linux

.local/requests/compat.py

.local/requests/cookies.py

.local/requests/exceptions.py

.local/requests/help.py

.local/requests/hooks.py

.local/requests/models.py

.local/requests/packages.py

.local/requests/sessions.py

.local/requests/status_codes.py

.local/requests/structures.py

.local/requests/utils.py

.local/urllib3-1.26.6.dist-info/INSTALLER

.local/urllib3-1.26.6.dist-info/LICENSE.txt

.local/urllib3-1.26.6.dist-info/METADATA

.local/urllib3-1.26.6.dist-info/RECORD

.local/urllib3-1.26.6.dist-info/WHEEL

.local/urllib3-1.26.6.dist-info/top_level.txt

.local/urllib3/__init__.py

.local/urllib3/__pycache__/__init__.cpython-38.pyc

.local/urllib3/__pycache__/_collections.cpython-38.pyc

.local/urllib3/__pycache__/_version.cpython-38.pyc

.local/urllib3/__pycache__/connection.cpython-38.pyc

.local/urllib3/__pycache__/connectionpool.cpython-38.pyc

.local/urllib3/__pycache__/exceptions.cpython-38.pyc

.local/urllib3/__pycache__/fields.cpython-38.pyc

.local/urllib3/__pycache__/filepost.cpython-38.pyc

.local/urllib3/__pycache__/poolmanager.cpython-38.pyc

.local/urllib3/__pycache__/request.cpython-38.pyc

.local/urllib3/__pycache__/response.cpython-38.pyc

.local/urllib3/_collections.py

.local/urllib3/_version.py

.local/urllib3/connection.py

.local/urllib3/connectionpool.py

.py .js

.local/urllib3/contrib/__pycache__/__init__.cpython-38.pyc

.local/urllib3/contrib/__pycache__/_appengine_environ.cpython-38.pyc

.local/urllib3/contrib/__pycache__/appengine.cpython-38.pyc

.local/urllib3/contrib/__pycache__/ntlmpool.cpython-38.pyc

.local/urllib3/contrib/__pycache__/pyopenssl.cpython-38.pyc

.js

.local/urllib3/contrib/__pycache__/securetransport.cpython-38.pyc

.js

.local/urllib3/contrib/__pycache__/socks.cpython-38.pyc

.local/urllib3/contrib/_appengine_environ.py

.local/urllib3/contrib/_securetransport/__pycache__/__init__.cpython-38.pyc

.local/urllib3/contrib/_securetransport/__pycache__/bindings.cpython-38.pyc

.local/urllib3/contrib/_securetransport/__pycache__/low_level.cpython-38.pyc

.local/urllib3/contrib/_securetransport/bindings.py

.local/urllib3/contrib/_securetransport/low_level.py

.local/urllib3/contrib/appengine.py

.local/urllib3/contrib/ntlmpool.py

.local/urllib3/contrib/pyopenssl.py

.py .js

.local/urllib3/contrib/securetransport.py

.py .js

.local/urllib3/contrib/socks.py

.local/urllib3/exceptions.py

.local/urllib3/fields.py

.local/urllib3/filepost.py

.local/urllib3/packages/__init__.py

.local/urllib3/packages/__pycache__/__init__.cpython-38.pyc

.local/urllib3/packages/__pycache__/six.cpython-38.pyc

.local/urllib3/packages/backports/__pycache__/__init__.cpython-38.pyc

.local/urllib3/packages/backports/__pycache__/makefile.cpython-38.pyc

.local/urllib3/packages/backports/makefile.py

.local/urllib3/packages/six.py

.local/urllib3/packages/ssl_match_hostname/__init__.py

.local/urllib3/packages/ssl_match_hostname/__pycache__/__init__.cpython-38.pyc

.local/urllib3/packages/ssl_match_hostname/__pycache__/_implementation.cpython-38.pyc

.local/urllib3/packages/ssl_match_hostname/_implementation.py

.local/urllib3/poolmanager.py

.local/urllib3/request.py

.local/urllib3/response.py

.local/urllib3/util/__init__.py

.local/urllib3/util/__pycache__/__init__.cpython-38.pyc

.local/urllib3/util/__pycache__/connection.cpython-38.pyc

.local/urllib3/util/__pycache__/proxy.cpython-38.pyc

.local/urllib3/util/__pycache__/queue.cpython-38.pyc

.local/urllib3/util/__pycache__/request.cpython-38.pyc

.local/urllib3/util/__pycache__/response.cpython-38.pyc

.local/urllib3/util/__pycache__/retry.cpython-38.pyc

.local/urllib3/util/__pycache__/ssl_.cpython-38.pyc

.local/urllib3/util/__pycache__/ssltransport.cpython-38.pyc

.js

.local/urllib3/util/__pycache__/timeout.cpython-38.pyc

.local/urllib3/util/__pycache__/url.cpython-38.pyc

.local/urllib3/util/__pycache__/wait.cpython-38.pyc

.local/urllib3/util/connection.py

.py .js

.local/urllib3/util/proxy.py

.local/urllib3/util/queue.py

.local/urllib3/util/request.py

.local/urllib3/util/response.py

.local/urllib3/util/retry.py

.local/urllib3/util/ssl_.py

.local/urllib3/util/ssltransport.py

.py .js

.local/urllib3/util/timeout.py

.local/urllib3/util/url.py

.local/urllib3/util/wait.py

gimp-2.10.34-setup.exe

.exe windows x64

Password: infected

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

08:62:df:fe:c6:e9:33:2b:fa:93:b2:f1:87:86:36:42
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/06/2021, 00:00

Not After

09/07/2024, 23:59

Subject

CN=Fortinet Technologies (Canada) ULC,O=Fortinet Technologies (Canada) ULC,L=Burnaby,ST=British Columbia,C=CA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

50:03:a9:41:14:3f:9e:bb:85:cc:88:e7:68:c7:5f:41:9f:21:89:92:d7:12:df:ac:30:97:7a:b6:7a:29:71:36
Signer

Actual PE Digest

50:03:a9:41:14:3f:9e:bb:85:cc:88:e7:68:c7:5f:41:9f:21:89:92:d7:12:df:ac:30:97:7a:b6:7a:29:71:36

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Fortinet Technologies (Canada) ULC,O=Fortinet Technologies (Canada) ULC,L=Burnaby,ST=British Columbia,C=CA

02/05/2022, 19:22
Valid: true

Chain 1

CN=Fortinet Technologies (Canada) ULC,O=Fortinet Technologies (Canada) ULC,L=Burnaby,ST=British Columbia,C=CA

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 615KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rsrc
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

08:62:df:fe:c6:e9:33:2b:fa:93:b2:f1:87:86:36:42Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

50:03:a9:41:14:3f:9e:bb:85:cc:88:e7:68:c7:5f:41:9f:21:89:92:d7:12:df:ac:30:97:7a:b6:7a:29:71:36Signer

Signature Validations

Verification

02/05/2022, 19:22 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 615KB - Virtual size: 615KB

.rsrc Size: 219KB - Virtual size: 218KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

08:62:df:fe:c6:e9:33:2b:fa:93:b2:f1:87:86:36:42
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

50:03:a9:41:14:3f:9e:bb:85:cc:88:e7:68:c7:5f:41:9f:21:89:92:d7:12:df:ac:30:97:7a:b6:7a:29:71:36
Signer

02/05/2022, 19:22
Valid: true

.text
Size: 615KB - Virtual size: 615KB

.rsrc
Size: 219KB - Virtual size: 218KB