blackguard | 5b4e091f4ff55c2d426ca3ab68714562387fb615b820bb32dd696a150f3330cd

Sharing

Copy URL

Twitter E-mail

General

Target

ScanGuard_Setup.exe
Size

54.8MB
Sample

240113-fla9lscdgl
MD5

6a341a3120a8e9140076e7f07a14ac00
SHA1

93c3ef60132b89cecd1418efbfc396c7ea6ed513
SHA256

5b4e091f4ff55c2d426ca3ab68714562387fb615b820bb32dd696a150f3330cd
SHA512

e19de3685d2bd55ed67bf35044889eed56b0e02ae408d834df13b72d59b345162166bdc8348f4c01c7d850c14cc1b0b771cf5f92bb3ecd4adef427d860a93a48
SSDEEP

1572864:N4kqcnVXU29JlWMOVqvvIw7ZbN7vF6P0EVAWZZLdwa:bnVXV/lW3Vq3Ikf7vF9Bi9Sa

Score

10^/10

Malware Config

Targets

- Target
  
  ScanGuard_Setup.exe
- Size
  
  54.8MB
- MD5
  
  6a341a3120a8e9140076e7f07a14ac00
- SHA1
  
  93c3ef60132b89cecd1418efbfc396c7ea6ed513
- SHA256
  
  5b4e091f4ff55c2d426ca3ab68714562387fb615b820bb32dd696a150f3330cd
- SHA512
  
  e19de3685d2bd55ed67bf35044889eed56b0e02ae408d834df13b72d59b345162166bdc8348f4c01c7d850c14cc1b0b771cf5f92bb3ecd4adef427d860a93a48
- SSDEEP
  
  1572864:N4kqcnVXU29JlWMOVqvvIw7ZbN7vF6P0EVAWZZLdwa:bnVXV/lW3Vq3Ikf7vF9Bi9Sa
Score

8^/10

discovery persistence spyware stealer upx
- Creates new service(s)
  persistence
- Drops file in Drivers directory
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1
- Target
  
  netstandard.dll
- Size
  
  72KB
- MD5
  
  671ed9d6e873ad29ccff10bcfaea6021
- SHA1
  
  49507f0040c27249e209be9ff92ea4c143575873
- SHA256
  
  de0ef6c3af1c9b8199ba4e16c1392d3127a4a30dcc4cfbf96bcc463fe0a5d27d
- SHA512
  
  15649a0a37d1e26bf3e670ee1986a6f6d991a6821868f2e90c1a1986122c4cfa78854f5f02c7d5ec1354837126f3226da09f8c89823496045644b48fc4e80f6e
- SSDEEP
  
  768:y5x6TGSoxq/iImVvMVYd75IXL4bObKZbc6NtjSPU5gBkVb7TikFlnQrOu:AxFwiIU6Y15C4bObKZlNAs5fukFOf
Score

1^/10
behavioral2
- Target
  
  nfapi.dll
- Size
  
  334KB
- MD5
  
  1ac6313643ab8be85e87b53f47e4af79
- SHA1
  
  10a9b2d40a18399f0235dcd4872375aef409e6d5
- SHA256
  
  d12c75b752322a00d727c9a8305ab60092b33fd26988ca3aa8cf5b7f4b29b8c5
- SHA512
  
  9a286cb37462314ab4a04879c1a2e762c04acd5365af5c77897af1294b6deda43fdf5b0c709575fbf6058bc7c9606bd891743fc314cf63e3ecb059ff3175af10
- SSDEEP
  
  3072:KKpHwC6H+AYYYxYYYYYrs/NAWOZFvyfaP710WkYsf+6pu6v3tgHf+dNUxJcGtHFZ:KKpHMg61ZFvyfKLkzfrnvGHfDcGtrht
Score

1^/10
behavioral3
- Target
  
  nfregdrv.exe
- Size
  
  48KB
- MD5
  
  01b5780505301ada6dc102fb77b2298c
- SHA1
  
  328c3931a54af2d7adb88ba4c4c18ce1af8d5a72
- SHA256
  
  aad2d85472448abe8250cf3180c3d0373540f46e8a8e76d8ef2f78db62be0812
- SHA512
  
  bc5bd91c46f452a76ae0595287622256e8c79e90158171bedf6b68d4439dfefceb06948bd49deb0aeb1344ce89a312bb87b01e2daf3880729fff642951c33947
- SSDEEP
  
  768:2/1x+sxHjR9Q9V0nczMWkL/zDJ6kqsEtm:YjR8VfRkL0Jtm
Score

1^/10
behavioral4
- Target
  
  ovpn/libcrypto-1_1.dll
- Size
  
  3.2MB
- MD5
  
  b9eb6a8ac15e8eee936d994bc87f9d5e
- SHA1
  
  b432473b753f371bb2415eb63d178e560455d4c8
- SHA256
  
  548c59044738554e6fd8aee9e1cd0e6cb13ee7b6f4f71532aff868e771eb8a7d
- SHA512
  
  83688bdee057964072215de15039e27f0e3188fc32856183f9de3484f11d6cbd633f36c0f0abe7ec6f3eb17dd467c59e8cc8517a371091279270c6c2bb5c631c
- SSDEEP
  
  98304:+mjNt5deg7yCsF4Qd/CsIhu2w0ne8nB5U5jOmp9P1CPwDv3uFfJl2xEcFiuW9MZe:+mjVpGCsFldKsIhuSne8nBIjx9P1CPwE
Score

3^/10
behavioral5
- Target
  
  ovpn/liblzo2-2.dll
- Size
  
  193KB
- MD5
  
  bd9eab80f953d1674d71c315e050292b
- SHA1
  
  7f0d391e1d7b4dd455359ca1381bc5b90a23c84d
- SHA256
  
  22c1a7a44308ff6aafd80caa6fd53c93df7696c99feadf9ae700f26365c0986f
- SHA512
  
  baedfe72d58711ce95ad5ab2010f99d1f42825b825eae48c72add6c2cb8c8f756eb8d1f8c13b78d4cd6cc2a3cfeb920f4188ca47dc6f59aa1c66b0d83b0ebf4e
- SSDEEP
  
  3072:xyJHcFYd6nLF3XRAXqXKGfyI4yaIw4QBkUgPQtRfG/:oeF3XWXq6GK14CVgIvO
Score

3^/10
behavioral6
- Target
  
  ovpn/libpkcs11-helper-1.dll
- Size
  
  123KB
- MD5
  
  5e12d4d264ba957604e80ebbb436c61b
- SHA1
  
  50ad9a622518989a80355d226b77c5c57aecba64
- SHA256
  
  6f0e5fbeec6474e0cc2bd0536aed3ff47fef4588fe28625ce2b3eaacb5f0dead
- SHA512
  
  e4dbb5e094b48bb47a30dc5782b9a5b58dd039c626922cc7884c00f2bc24ae4c457b11e2889ff373cc592c47daf1511ca4ab10a6f26f7f2f745efd9e64a5f002
- SSDEEP
  
  3072:tACv01QslFoJiU4ixhvt5hTQQU7kVTAHluobjrf1Evu5g8V:tPv01rI3t5hTQQU7kVTAHluobjrf1Evu
Score

3^/10
behavioral7
- Target
  
  ovpn/libssl-1_1.dll
- Size
  
  924KB
- MD5
  
  d6d65e0a4a7706a90e328578251f43ae
- SHA1
  
  5a34a15fd21f345b3f6c1876df3503e0050e7428
- SHA256
  
  89d49df485a5c33f0ebef4a78f6ceb63e60c08113fe21a911cd2c196bf9393fd
- SHA512
  
  2f524f1f9281a643ca3dd657e8136828fbb4c58b259c717bd05ea964379ad814fabd9e47d129ff1866dd92e8d5cadbce38b66c8daf2aba944c57368e7c1d8273
- SSDEEP
  
  24576:jN/UGlfUX71WzUoh53Xbj9Vku1UYaN4vlMAUBYSwF/mbsgEKQG7iiHh7xqwg:x/61Wz3534u1UYaWvlMAUuSwF/mbsgpc
Score

1^/10
behavioral8
- Target
  
  ovpn/openssl-license .txt
- Size
  
  10KB
- MD5
  
  4c359b890e7eeb474a96075f6df68597
- SHA1
  
  eb7d89454cd1f62d8ad37d61fe52117be5b38a12
- SHA256
  
  b9f6a4d26b1c7118c3b0ac41f0777a2b82de0ea25f48a9ca6a0e5550dba2382a
- SHA512
  
  d3578180c52d0daebd7b1792a261140bb49a11ff592efcb0c9d520a06ff6dc11ec3b1fcede1c95594deeffbd46d8703d1c5aabcd1677ab685774dadebb1af9bf
- SSDEEP
  
  192:uf9fG4QSAVOSbwF1wOFXuFJyQtxmG3ep/7rlzKfHbxc+Xq0rhR:Q1u9b01DY/rGBt+dc+acR
Score

3^/10
behavioral9
- Target
  
  ovpn/openvpn-license.txt
- Size
  
  17KB
- MD5
  
  a5aa9694cc581daf09c7f75d1bc64c30
- SHA1
  
  484b11367024a690fbd459fb4f45fd044f42d63a
- SHA256
  
  a45afcd949cb0e29a3ca81801c7b72666e585ac039a0e1eac63546bcb7273d4c
- SHA512
  
  5dd967d247732aa4d718e25347224ea93a15c597c47507deeea30be84c87283e984daf39798492167a422acdc5af174eebd7f7220162f0907ad89d3730c7b306
- SSDEEP
  
  384:H4j2PmwE3b6k/iAVX/dUY2ZpEGMOZ77oPoqHZ:H46uh1iYWrTXoPoqHZ
Score

3^/10
behavioral10
- Target
  
  ovpn/openvpn.exe
- Size
  
  1013KB
- MD5
  
  d62e7bd8fcfc550f4c664eb7f6933186
- SHA1
  
  0c1434e0afc5abb50e4fc266a83b7d412a23c280
- SHA256
  
  1c704ce36e37384692d4e9d111be69665fb2bfd3edc614ed6117ed6b934b736e
- SHA512
  
  36f8d5c714108140134d0e1d6852e2ef78da186d75fe6d6134ae7cbe43b79e451762f9e070004b13c0ccbb60e2c5ac12d34664381b7ed2187be57228861c815c
- SSDEEP
  
  24576:AHLo6iymW1bTJJf+mae38OB8s1k0yu3z3di6YT5WPYsrUFuyeAToym:YojeP+8828YYqp68
Score

1^/10
behavioral11
- Target
  
  ovpn/openvpn_down.bat
- Size
  
  475B
- MD5
  
  08bae2de82fa4fb579f707376d440056
- SHA1
  
  33eaaac6f01f017affb58b68636cffa6ce30b157
- SHA256
  
  6cab17fee12d3a2c43eb4d7c3a790cdbd7fc9afc6b0c6d60dbbb61594f6cec74
- SHA512
  
  67bfb8a995eb12b5f995860472a0817279ff2acdbdc19e7ee38a0a91eaec67a870dfc56ce39cf4bb5d29c227809cb35b16635d1fe1c0bbc64429079e5aada6f0
Score

1^/10
behavioral12
- Target
  
  ovpn/openvpn_up.bat
- Size
  
  784B
- MD5
  
  cd4d223acddbd08101a159b17022324b
- SHA1
  
  510979a24584898281d7190c9981a1f7aa5b09ca
- SHA256
  
  6ed4c6d1ba69e5aad84434e40f97c39432be10b903652860f8f16d7861ea79d6
- SHA512
  
  8516ff62ecf818db7f794d66a2c479ea549444ed718f519b297a0723d78e191466d8f889f4f544a3e3324d6ce9002ceaa3d119b2a5fb63dcb8a2fd324110e1c7
Score

1^/10
behavioral13
- Target
  
  protected_elam/amd64/protected_elam.sys
- Size
  
  18KB
- MD5
  
  e9806e894443f95671064755f9663a18
- SHA1
  
  ee77dcdeda8f1c8f81dee89ae3924c1ef5d6c69b
- SHA256
  
  119bb976356fac1cc0b81e2cdc8d1135c1f57c1d06b631a1814796e1601c2bbc
- SHA512
  
  7a52c467cbcf80ec10e8e4656bf57198a9ee4b28971120ac4d47de3f3b20a5acd4199366d7ebe6920c9b4232768c000a9bae66905313016037f46a64f62f0cbb
- SSDEEP
  
  192:DGCPcD0vWi7GszmVY84WVDi5f/VWQ4WWtd7JAh+Il+jX01k9z3Aalf3N:DGUcDfLVYIs/aN8EjR9zl53N
Score

1^/10
behavioral14
- Target
  
  protected_elam/x86/protected_elam.sys
- Size
  
  17KB
- MD5
  
  cf833a28b40ab93655f342a9d760d224
- SHA1
  
  d03ec91202f85970e4a24124bca36d7b4e262a16
- SHA256
  
  0b0d0898257846c320f7ddf30771126bbdf9edc7f9afbe1fb3d4f0925680215b
- SHA512
  
  3332f2eb60a422124628c749ba43a140ae6bc8c753019ba78edbbf0a390efcccefa15f3eaa192e7bb5b2d3195cf58def64bae42a844f5fbbde741d3c465a5e3a
- SSDEEP
  
  384:fV/MVnhyp3DiyZbV0VYjt4s/GpQtR9zusP3:fVbVbGeRMQP9zuG
Score

1^/10
behavioral15
- Target
  
  pwm.dll
- Size
  
  30KB
- MD5
  
  885a2706ad5cd98c637a9d02a6712d56
- SHA1
  
  7bbe52a527efc084516c512372c8102749bd3746
- SHA256
  
  58ea66beb9fd07738a6a05622e04cc14bdea6e2d7628c3ef52e9960ff254ceba
- SHA512
  
  f966d711ffca055354ee68116032d818ce857237c7c27d92ddbb5f5a6a4b8dc3d17637e22532e524dcc72a428aeb60ca534150f41648e59c842a804b89790d63
- SSDEEP
  
  768:0ymFTYwH+5FUraxpcn0CLRGgFxZZjQZ9XIjFDqrdtUn5k:mH+5FUrfbAojQZ9XIjRqrjWe
Score

1^/10
behavioral16
- Target
  
  securityservice.cat
- Size
  
  1.4MB
- MD5
  
  f7d1d228beafd2473fe5d039b0b5a8c2
- SHA1
  
  e9855109124b96c781c68e4fadfc4a658db7c305
- SHA256
  
  17da88c29be86ba54c810ec0afdcfe9584a648e24745fdd3c049791959c47cdd
- SHA512
  
  2a7c81444c9a80670674a8d22e8aca5e516241168fde9653977f3d9dbbda48c3cb4165b94cbccdf6012c9c28d00abb47d523b785fee35b9f98fbbf4fe18aba29
- SSDEEP
  
  24576:uoV5o//555/dbwUQaAsoAMC4Yt1t6n+CSbDO8xF8IUs4D+Q8CRFc25MusMT:bzu5wNCJ100BxO8CRFcQL
Score

8^/10
- Blocklisted process makes network request
behavioral17
- Target
  
  sni.dll
- Size
  
  133KB
- MD5
  
  c62a83f20bc23aeface70ec13003c4c5
- SHA1
  
  35553cfcdcbeccdc49710e68aec495c16880f0bd
- SHA256
  
  1446d6b26da49a5a9f366972f89f4e236f916955f31ddc38ebb96217c1cace9c
- SHA512
  
  4dda44fd5b538f5da9e8cb46a3ab1bdc14b43425b9a61249eccc925d986af7b8b3548db9490238f14807909ecf479415117141ddb344119438a59f97e894ea37
- SSDEEP
  
  3072:H3SGhrfrdqCn3bctzdGRX18u5e++dowahamD5/f+vHPoW:H3SGhbBqCnmzERyiepSUm9moW
Score

1^/10
behavioral18
- Target
  
  ucrtbase.dll
- Size
  
  1.1MB
- MD5
  
  6343ff7874ba03f78bb0dfe20b45f817
- SHA1
  
  82221a9ac1c1b8006f3f5e8539e74e3308f10bcb
- SHA256
  
  6f8f05993b8a25cadf5e301e58194c4d23402e467229b12e40956e4f128588b3
- SHA512
  
  63c3d3207577d4761103daf3f9901dd0a0ae8a89694ad1128fd7e054627cdd930d1020049317c5a898411735e2f75e2103ae303e7e514b6387a3c8463a4fb994
- SSDEEP
  
  24576:Os974wcfeCepgb9qqu+XMO4nXIzvQVbe1SmcvIZPoy4/ZBVX:b96WghMOqI8Vbe1GZBVX
Score

1^/10
behavioral19
- Target
  
  uninst.exe.nsis
- Size
  
  41KB
- MD5
  
  fb74dc64373de7cdd22486e1444c5aea
- SHA1
  
  5dd66c6590163a4eab2a6d00514f502721708ba2
- SHA256
  
  d666a433679148b1197542695b08e30286378b32bccca3a876df2b1258e6940d
- SHA512
  
  e38f8b78477e422b025705b9a40f88769f21895cb61cdf86db839c47835ea252c2d735812b6e146cc72c73f8e6470ce36800e70926494239bac359ee0ed633d9
- SSDEEP
  
  768:DMIf196S7PdFowoOnW6wFPwkZ2inubgJeZrA5yyGqYwF5I:gQ19/LwOnW6wFPfuAeZrMxQ
Score

3^/10
behavioral20
- Target
  
  urldrv/tdi/amd64/webshieldfilter.sys
- Size
  
  74KB
- MD5
  
  21a332af5c8e929415dbde71db19b8ca
- SHA1
  
  dd908daf05b0fa89de836110e68f97cc54859d21
- SHA256
  
  b5ff1ea46318772e179c56e8e386f9b6c5831a304ebc4783501304aa2a9f8d33
- SHA512
  
  c0dad463aa71c1cfe2cf7de1b605be36f57fc49028a68b37e823ab5449f985b07d4c7b66e828aecbb2fffd240bab3f51d75a2d4ba43fb14674c0af50684d40be
- SSDEEP
  
  1536:9iwOws+rmFBi9rsWsZBey3EV+tj6scdDUfI:9VOwso9QHBeyEV+tj6scr
Score

1^/10
behavioral21
- Target
  
  urldrv/tdi/i386/webshieldfilter.sys
- Size
  
  68KB
- MD5
  
  2aa6d30e357b9a3e63d178f244482150
- SHA1
  
  44577e1a2fbc916fc8acca1ae5c7958ff64f8da4
- SHA256
  
  3282e62445815de2e45092d9476f6ba5625dc50c96077845c2e32afbf8c9d2bd
- SHA512
  
  57964eb6f0e36a4eaf41e7586d1fb37e36896fa26687767012443898c1b59f8bd4900da1f639251ae726e60be8df97812a9b700d5064fcccc0343e59bbb2e0fe
- SSDEEP
  
  1536:8+wIzEJyjGTyUvtarIHl6v4Pm37sc6BUvCnUf:HwIzYyjA10IHl6gO37f6B
Score

1^/10
behavioral22
- Target
  
  urldrv/wfp/win10/amd64/webshieldfilter.sys
- Size
  
  94KB
- MD5
  
  b797771c87184870eb95d2e50e17a9e7
- SHA1
  
  b303acad4220542c3150bb979aa966c2640434af
- SHA256
  
  c190a676d707f290a0f6fccb60ecbc4b3b5dea5ea27d552095acd4110aff51bc
- SHA512
  
  60ced524fa3bb611b6a73734b7aa6bc30d10fdbf9914a8e4c79e1b79c6402a678fb4963a29f237418affba806ca39bdf766b229b7679d50431aa834e6fa99341
- SSDEEP
  
  1536:WMd62uktOfNwZHmussJFDEI6rzztE3yT/hdf5YrSuuKGvq9Q:WMdNOf+FfQI65YluKGSi
Score

1^/10
behavioral23
- Target
  
  urldrv/wfp/win10/i386/webshieldfilter.sys
- Size
  
  80KB
- MD5
  
  709ae7d4bb1817abf5b22bd5eb6d1943
- SHA1
  
  4123eb3773d91e5294abb1d1ad3cac52a34d5a48
- SHA256
  
  7a8748b1531e99f3549f579534e193fd9e2b1a96042313037d2aa6ad9c1e140d
- SHA512
  
  dc1f66be19368e7c9325a4f52e47b9d813912d06257a670ae42ba26206c751918fdf3a61eb2e383230ba6bb6a25865e594c5df80cb244ae1137e517d4dcc24c2
- SSDEEP
  
  1536:pHUU8fa7XUXG/jsc4CVkl5jpGt7xu6tKJp6NbUzWE3dlsl48jStEF:j8y7k4jsc4CM5jpKwAKJwo3lZW
Score

1^/10
behavioral24
- Target
  
  urldrv/wfp/win7/amd64/webshieldfilter.sys
- Size
  
  84KB
- MD5
  
  36a5f7f6601d2427426588ffd415ea89
- SHA1
  
  e69a5cfde38c82a6b0081e476fd83f1e3211337c
- SHA256
  
  16399d8faf4a30ed463b8db7900fe0e67aa981a519d324f32349ba2abd779647
- SHA512
  
  3379adcfbcb23cbdfc62390a0ebedde75810b1f90c19bb66ce142594994a11545090583cc9d71e4e28fb2bf875fd5798f9adb9e339ba9a146513734fb74693dd
- SSDEEP
  
  1536:sGKnLHVUPDbU08dqnBtZ1ZPM1QubbE3CIXkuTtWuUf:mLHqDQZiaQA7IX5tW
Score

1^/10
behavioral25
- Target
  
  urldrv/wfp/win7/i386/webshieldfilter.sys
- Size
  
  75KB
- MD5
  
  9508031dacfbbaf2595fdc9dacdb3b2a
- SHA1
  
  7b85a2830535a53068a8167093de36a3d3176e26
- SHA256
  
  3512260c75fe5ab584e7c072c38a9b17f4603c7b735d9e9e1e0b2f0ff901abbd
- SHA512
  
  a27287409313bd084510f92677111b92424c6a39eaf20e53519f563fe5a8d3a339b5e5d7399713164b41e1e22fc6ad87f6161f602ebdc74f9785f87e0bafc01e
- SSDEEP
  
  1536:heDMC9wA1lHT6pmrnPWxtbHoncn3Ii62NOtwFqGuPUfM:AqOMpmrPWxFonXi628OAhP
Score

1^/10
behavioral26
- Target
  
  urldrv/wfp/win8/amd64/webshieldfilter.sys
- Size
  
  94KB
- MD5
  
  b797771c87184870eb95d2e50e17a9e7
- SHA1
  
  b303acad4220542c3150bb979aa966c2640434af
- SHA256
  
  c190a676d707f290a0f6fccb60ecbc4b3b5dea5ea27d552095acd4110aff51bc
- SHA512
  
  60ced524fa3bb611b6a73734b7aa6bc30d10fdbf9914a8e4c79e1b79c6402a678fb4963a29f237418affba806ca39bdf766b229b7679d50431aa834e6fa99341
- SSDEEP
  
  1536:WMd62uktOfNwZHmussJFDEI6rzztE3yT/hdf5YrSuuKGvq9Q:WMdNOf+FfQI65YluKGSi
Score

1^/10
behavioral27
- Target
  
  urldrv/wfp/win8/i386/webshieldfilter.sys
- Size
  
  80KB
- MD5
  
  709ae7d4bb1817abf5b22bd5eb6d1943
- SHA1
  
  4123eb3773d91e5294abb1d1ad3cac52a34d5a48
- SHA256
  
  7a8748b1531e99f3549f579534e193fd9e2b1a96042313037d2aa6ad9c1e140d
- SHA512
  
  dc1f66be19368e7c9325a4f52e47b9d813912d06257a670ae42ba26206c751918fdf3a61eb2e383230ba6bb6a25865e594c5df80cb244ae1137e517d4dcc24c2
- SSDEEP
  
  1536:pHUU8fa7XUXG/jsc4CVkl5jpGt7xu6tKJp6NbUzWE3dlsl48jStEF:j8y7k4jsc4CM5jpKwAKJwo3lZW
Score

1^/10
behavioral28
- Target
  
  vcruntime140_cor3.dll
- Size
  
  74KB
- MD5
  
  1a84957b6e681fca057160cd04e26b27
- SHA1
  
  8d7e4c98d1ec858db26a3540baaaa9bbf96b5bfe
- SHA256
  
  9faeaa45e8cc986af56f28350b38238b03c01c355e9564b849604b8d690919c5
- SHA512
  
  5f54c9e87f2510c56f3cf2ceeb5b5ad7711abd9f85a1ff84e74dd82d15181505e7e5428eae6ff823f1190964eb0a82a569273a4562ec4131cecfa00a9d0d02aa
- SSDEEP
  
  1536:zHHuqvERNjBwySXtVaSvrgOFw9RxKMn5ecbCKnIY7:zHHZMRNjKySdLcOiH5ecbCKnN
Score

3^/10
behavioral29
- Target
  
  wpfgfx_cor3.dll
- Size
  
  1.7MB
- MD5
  
  52d8f7f0ab9d679209b707c7ebc8377e
- SHA1
  
  7042a8788ea40f29b2fab2ec249dfd9e8c6ed7e6
- SHA256
  
  69c03db89ad14cdf2c05db284d1452a517d7127bafd871334685d715f662d203
- SHA512
  
  8617663d2292ca05d1873cbf9cf2397a0e56214c5bf5d66d5b1c8e95658a5604e1d27656ce853d1306c4a21575e3fe45934a0b8e5bb256644cd064b8d8269c87
- SSDEEP
  
  24576:jA4+95hzAxEvPcYCUhGU6YVjfB458Yqj0ggwBklV3SFyyTNjnm81d1:k4+fxAxEvPXG+Ig0GFycND9d1
Score

1^/10
behavioral30
- Target
  
  wscf.exe
- Size
  
  289KB
- MD5
  
  25330672ddf4763c86f65438ea2561d6
- SHA1
  
  94a602fffe514fdc9d3824263f6491f1342a9cf2
- SHA256
  
  266d4d9769b1498992fc953f2c82b9b6853b311f06adca63825a07c4dce72da0
- SHA512
  
  0cb2aea5155843e9ba4a5657acb8451665a722720f0e1d4a66935752aaaabcb56b032f31a5dbf4e5f4f310f28ca0d9e597c2f3f12a9a162e56063338db018630
- SSDEEP
  
  6144:TFb5y9XQG2/4xIdIevQiwhnFPEuEORXaRsRZKoAOWL8DYrS:TZ5GQG2/4xIxBhuEORXaRsRZKoAYYW
Score

1^/10
behavioral31
- Target
  
  x86/update.dll
- Size
  
  3.1MB
- MD5
  
  8fcfabdf2458336b061a06d7362f1c37
- SHA1
  
  ed669e2c73292d3a6510ed9d670bdf56cb7ca92d
- SHA256
  
  fc85d8cc5fe0327be1253c1f69ca48eaa30d9aa583becb6f1e678e7960e33022
- SHA512
  
  056eb2071e33efaa7ac52002a906008baf0f8c59f8fcc99c500510c327a6b2917922706c9ec05e12f716573d6d9321e28190f1a911f765d596fd4c0d4c882dec
- SSDEEP
  
  49152:Clg4XDo+apyPH5kscRzpBvMXBoHI1LFQQ2W9gtxWhToexMX+tPTqH8dO0t3z6XJh:Clg8oskscR/MRoHI1L0tiTVhqHuO0a
Score

3^/10
behavioral32