diamondfox | hxxps://redmine[.]openinfosecfoundation[.]org/attachments/download/2035/suricata[.]rules[.]txt

Analysis

max time kernel
95s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
17-08-2023 21:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://redmine.openinfosecfoundation.org/attachments/download/2035/suricata.rules.txt

Score

10^/10

diamondfox botnet google infostealer phishing stealer

Malware Config

Signatures

Detected google phishing page
phishing google
Detected phishing page
phishing
DiamondFox
DiamondFox is a multipurpose botnet with many capabilities.
botnet stealer diamondfox

DiamondFox payload 2 IoCs

Detects DiamondFox payload in file/memory.

infostealer

Processes:

resource	yara_rule
C:\Users\Admin\Downloads\suricata.rules.txt	diamondfox
C:\Users\Admin\Downloads\suricata.rules.txt	diamondfox

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133367800823218430"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 1 IoCs

Processes:

chrome.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-1722984668-1829624581-3022101259-1000_Classes\Local Settings chrome.exe
Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

3224 NOTEPAD.EXE
Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

chrome.exe

pid process

3840 chrome.exe
3840 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

3840 chrome.exe
3840 chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1722984668-1829624581-3022101259-1000_Classes\Local Settings	chrome.exe

pid	process
3224	NOTEPAD.EXE

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe
Token: SeShutdownPrivilege	3840	chrome.exe
Token: SeCreatePagefilePrivilege	3840	chrome.exe

Suspicious use of FindShellTrayWindow 35 IoCs

Processes:

chrome.exe

pid	process
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe
3840	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 3840 wrote to memory of 1908	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 1908	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3460	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 1988	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 1988	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe
PID 3840 wrote to memory of 3724	3840	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://redmine.openinfosecfoundation.org/attachments/download/2035/suricata.rules.txt
1⤵
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb63a89758,0x7ffb63a89768,0x7ffb63a89778
  2⤵
  PID:1908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:2
  2⤵
  PID:3460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:8
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2912 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:1
  2⤵
  PID:388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2900 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:8
  2⤵
  PID:4132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5440 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:8
  2⤵
  PID:3464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:8
  2⤵
  PID:2708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 --field-trial-handle=1892,i,3746449639714107261,3711565961866630686,131072 /prefetch:8
  2⤵
  PID:4404
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\suricata.rules.txt
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:3224

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:672

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
824B

MD5
424044373d133cc72c95281229df21fa

SHA1
76c667aa74c02f4ead101fef4e3122efe9af23e3

SHA256
72af99b9b59d08a34491559a60e83e952dcd315547b9126945a6a57cd4739030

SHA512
454ecb2faf8b40cfde065f49e1b98c339ef6a786c12d436aee6660165eb3f70a1875ece7271da4d97827a95565b1b9c8d5eeeb21f7d5cb305c5b276ccc76478e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
538B

MD5
8016f4336bfa708d720d6a6ab8ee7ee6

SHA1
5a07cfd179590a679c771ac1d842a32d394330c0

SHA256
df65cea8768c4f1383c0896ca5fafc71e599780803949bc9e5fafddc103d9098

SHA512
94c5f286799ab520f8b7973860f822caf25f208d75a0e1a49e4a672a3204150c1b9d8196f44a1caf6666f545cafd88cabd822868dbae8109750d95e96fceed3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
14a1b130bdc33c0c8a853d0d8c2d5f34

SHA1
9bc7300da05959cca598797c66b543417b25b87a

SHA256
2c566e14bfd049ab94cfcbbcd1a000bda953743f0f8ef045e17c4ab7a7818ef5

SHA512
2fd11f9d2dcd404ea88d10bf90e8d400a5d58325ca403268534a9179f70c0b6e5c9ffc6a47328f65d234850567f3ebb6c535a6a0870f771ca448df606d487963

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
d82c97a502ceaae0ba2d1e3132b25fd4

SHA1
721be779f572094f137056b3f143acde4c14801f

SHA256
fbef78505ae7e60116876776190116e70c5f5950f5aa0361f2aaa42df60d7966

SHA512
3738d5b88faedcf2f65843e114154a89404164e0c8197e0bd18aad9ff1f5b6b134fd041f09bdc630eb548b4598a31a04bb7ce8e9226b3944eb11283502f3a08d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
113KB

MD5
2c024805520d6e02f783475e31ce38c8

SHA1
0acc7479f381de876440615622cbed47c1925647

SHA256
a4ddd9e5acf053ff1441c4cf49b55a81f6f184a5523ff356d6088e58f7cfe70c

SHA512
52ba1830317b93fc51f272b4917ba4b92c0edc6877434d59f8256004d323869c710632dfba74abe316de8a5c3c020c9c68edfe9aed500feb27c573ec87d9a5cf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57d9e5.TMP

Filesize
106KB

MD5
254b6eaa68a1de337ed2d8fdc05a87de

SHA1
e3fc128570dd5dc3fcdd4d52361ecf63e449120f

SHA256
bd97bd2c2706944d3a2ae49c61710d831eca66ad475d3b42c52bb438c495400b

SHA512
12aa6807cbb71e43d6faf4b63346b3137537a6bea9fd253b547516551faa4436ad41dff92c824b28b3d3a8ddfb3ada60321313db39c703806ac12a0bdeb85211

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Downloads\suricata.rules.txt

Filesize
14.4MB

MD5
76c907e8fcbc1b45d0b1325455b1c305

SHA1
74828add0e9bd2b5f824fb3d60bfdc5ea5807edf

SHA256
f0bf9428df96e51956722c528ba4de3ba2cce4be51b5dc2f18c7ff5ee0b013b9

SHA512
2ec366926e38ebe1e32264a2aedcb783c7b4a131be78c4402ebead5fdd9c7700bdcd2adee5b45d398993ec4c81ebba5752a90941485f504c515c477970248571

Download Submit
C:\Users\Admin\Downloads\suricata.rules.txt

Filesize
14.4MB

MD5
76c907e8fcbc1b45d0b1325455b1c305

SHA1
74828add0e9bd2b5f824fb3d60bfdc5ea5807edf

SHA256
f0bf9428df96e51956722c528ba4de3ba2cce4be51b5dc2f18c7ff5ee0b013b9

SHA512
2ec366926e38ebe1e32264a2aedcb783c7b4a131be78c4402ebead5fdd9c7700bdcd2adee5b45d398993ec4c81ebba5752a90941485f504c515c477970248571

Download Submit
\??\pipe\crashpad_3840_WNGIZKRLLMBDZYOK

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit