Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

16/04/2024, 19:44

240416-yfyf3aag99 7

16/04/2024, 19:29

240416-x7jljscb21 7

General

  • Target

    Mauqes.exe

  • Size

    74.4MB

  • Sample

    240416-yfyf3aag99

  • MD5

    14e19ac4fb9d73eddbddbf39f020b36b

  • SHA1

    1a8caccf9c6f59c2562e39f475ed0e5f0e8c334c

  • SHA256

    49d3da4a93495e17dc507de8e4e25cd5a038d199da49e34250f423b9fcfedca9

  • SHA512

    57ffc0a2dd876967643bfe70297ca8d17a0df6dfbf764e7ec14e9b82a1910c03c170be0c9b1d463e82cf88f2504677c93afd3ea5ebbd0842d60b595f3eef8f4a

  • SSDEEP

    1572864:oP6LBY5tJfzUYQdgJnsI0SNcucgzxTMWIyFk2JrydyQ:o2uqR+JnsqN0QMWxrEy

Score
7/10

Malware Config

Targets

    • Target

      Mauqes.exe

    • Size

      74.4MB

    • MD5

      14e19ac4fb9d73eddbddbf39f020b36b

    • SHA1

      1a8caccf9c6f59c2562e39f475ed0e5f0e8c334c

    • SHA256

      49d3da4a93495e17dc507de8e4e25cd5a038d199da49e34250f423b9fcfedca9

    • SHA512

      57ffc0a2dd876967643bfe70297ca8d17a0df6dfbf764e7ec14e9b82a1910c03c170be0c9b1d463e82cf88f2504677c93afd3ea5ebbd0842d60b595f3eef8f4a

    • SSDEEP

      1572864:oP6LBY5tJfzUYQdgJnsI0SNcucgzxTMWIyFk2JrydyQ:o2uqR+JnsqN0QMWxrEy

    Score
    7/10
    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      $PLUGINSDIR/SpiderBanner.dll

    • Size

      9KB

    • MD5

      17309e33b596ba3a5693b4d3e85cf8d7

    • SHA1

      7d361836cf53df42021c7f2b148aec9458818c01

    • SHA256

      996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93

    • SHA512

      1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

    • SSDEEP

      192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY

    Score
    1/10
    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    • Target

      $PLUGINSDIR/app-32.7z

    • Size

      74.0MB

    • MD5

      06d2ecefe951040fa80fc7e71231afdd

    • SHA1

      bf9593f195801f81591c737bb720c33087552c1c

    • SHA256

      be4511a1cde25b04682e214fa507ecd4638d72be8d71cb6b1c4e20da5111756d

    • SHA512

      049d3d4b0c3fe21d8db2dbb20678a313dc88d8cefe022ce61b9a11c67311f1e600ce6d5263975793d17fa8bb2da521f621148d302f62edef0a0104feceeacad3

    • SSDEEP

      1572864:r6LBY5tJfzUYQdgJnsI0SNcucgzxTMWIyFk2JrydyQ0:yuqR+JnsqN0QMWxrEyL

    Score
    3/10
    • Target

      LICENSE.electron.txt

    • Size

      1KB

    • MD5

      4d42118d35941e0f664dddbd83f633c5

    • SHA1

      2b21ec5f20fe961d15f2b58efb1368e66d202e5c

    • SHA256

      5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d

    • SHA512

      3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

    Score
    1/10
    • Target

      LICENSES.chromium.html

    • Size

      7.9MB

    • MD5

      312446edf757f7e92aad311f625cef2a

    • SHA1

      91102d30d5abcfa7b6ec732e3682fb9c77279ba3

    • SHA256

      c2656201ac86438d062673771e33e44d6d5e97670c3160e0de1cb0bd5fbbae9b

    • SHA512

      dce01f2448a49a0e6f08bbde6570f76a87dcc81179bb51d5e2642ad033ee81ae3996800363826a65485ab79085572bbace51409ae7102ed1a12df65018676333

    • SSDEEP

      24576:dbTy6TU675kfWScRQfJw91SmfJB6i6e6R626X8HHdE/pG6:tygpj

    Score
    1/10
    • Target

      asdasdasd.exe

    • Size

      131.9MB

    • MD5

      7bfb255681df845fa08e937447fa5c4a

    • SHA1

      3132cb69dbcf8964b9f8f286b2e2a14e47e614f7

    • SHA256

      b018ff7173447e00dcdf50ea416152ca45eafa0b373d15c02a45f52ae9ce142c

    • SHA512

      85aab548b1bfd1d9c4323af21a3c4231c75e8bd4484df53137799043c63677827779c3e99c00a95d5ea713165d29c9c95978a510c9ae33676e8656faf6e15228

    • SSDEEP

      1572864:84sMLl/BkZTVV2iplzf+ekzrMdTOG0AfhgojwlwVgmPQtn06H9rejAEdCoIZXCVv:hl/BkVVPBDgmPKa5Wnu3X7

    Score
    7/10
    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      chrome_100_percent.pak

    • Size

      124KB

    • MD5

      acd0fa0a90b43cd1c87a55a991b4fac3

    • SHA1

      17b84e8d24da12501105b87452f86bfa5f9b1b3c

    • SHA256

      ccbca246b9a93fa8d4f01a01345e7537511c590e4a8efd5777b1596d10923b4b

    • SHA512

      3e4c4f31c6c7950d5b886f6a8768077331a8f880d70b905cf7f35f74be204c63200ff4a88fa236abccc72ec0fc102c14f50dd277a30f814f35adfe5a7ae3b774

    • SSDEEP

      3072:vlKzwqCT4wDNzIwL2o418Gb0+VRLf0ld0GY3cQ39Vm2I:vlKzwt4uEgK18Gb0OV8ld0GecQ3f2

    Score
    3/10
    • Target

      chrome_200_percent.pak

    • Size

      173KB

    • MD5

      4610337e3332b7e65b73a6ea738b47df

    • SHA1

      8d824c9cf0a84ab902e8069a4de9bf6c1a9aaf3b

    • SHA256

      c91abf556e55c29d1ea9f560bb17cc3489cb67a5d0c7a22b58485f5f2fbcf25c

    • SHA512

      039b50284d28dcd447e0a486a099fa99914d29b543093cccda77bbefdd61f7b7f05bb84b2708ae128c5f2d0c0ab19046d08796d1b5a1cff395a0689ab25ccb51

    • SSDEEP

      3072:4DQYaEQN6AJPKNzIwafR54x5GMR+F44ffbdZnYw9p4AbIVGYoDd+HxNK/rIM0:4DQYaNN68QEVgx5GMRejnbdZnVE6YopY

    Score
    3/10
    • Target

      d3dcompiler_47.dll

    • Size

      3.9MB

    • MD5

      3b4647bcb9feb591c2c05d1a606ed988

    • SHA1

      b42c59f96fb069fd49009dfd94550a7764e6c97c

    • SHA256

      35773c397036b368c1e75d4e0d62c36d98139ebe74e42c1ff7be71c6b5a19fd7

    • SHA512

      00cd443b36f53985212ac43b44f56c18bf70e25119bbf9c59d05e2358ff45254b957f1ec63fc70fb57b1726fd8f76ccfad8103c67454b817a4f183f9122e3f50

    • SSDEEP

      49152:OS7PQ+besnXqRtHKzhwSsz6Ku1FVVOsLQuouM0MeAD36FqxLfeIgSNwLTzHiU2Ir:O4PhqqFVUsLQl6FqVCLTzHxJIMd

    Score
    3/10
    • Target

      ffmpeg.dll

    • Size

      2.5MB

    • MD5

      1bb0e1140ef08440ad47d80b70dbf742

    • SHA1

      c2e4243bad76b465b5ab39865ac023db1632d6b0

    • SHA256

      c0d9edde3864d9450744f4bc526a98608b629aeed01c6647f600802e1b1cf671

    • SHA512

      29d71e3bd7df7014a03e26ca6ee5b59ff6e3d06096742fae5dec6282abd1f0d2f24c886a503e3a691d38cc68e0da504a7f657dcec4758b640a1a523d3eeaa57a

    • SSDEEP

      49152:YKM7YWN1tYNFKtJPP5f+8xH6UahvIxi9xrBYHZU7ewdCUQFdqQi9muA:YKM7YWNT2Kt9QoaUalEi9xqZ29dA

    Score
    1/10
    • Target

      icudtl.dat

    • Size

      10.1MB

    • MD5

      d89ce8c00659d8e5d408c696ee087ce3

    • SHA1

      49fc8109960be3bb32c06c3d1256cb66dded19a8

    • SHA256

      9dfbe0dad5c7021cfe8df7f52458c422cbc5be9e16ff33ec90665bb1e3f182de

    • SHA512

      db097ce3eb9e132d0444df79b167a7dcb2df31effbbd3df72da3d24ae2230cc5213c6df5e575985a9918fbd0a6576e335b6ebc12b6258bc93fa205399de64c37

    • SSDEEP

      98304:OKPBQYOo+ddlymOk25flQCUliXUxiG9Ha93Whla6ZGdnp/8k:OKPBhORjOhCliXUxiG9Ha93Whla6ZGrn

    Score
    3/10
    • Target

      libEGL.dll

    • Size

      371KB

    • MD5

      e0a5d1a5d55dffb55513acb736cef1c1

    • SHA1

      307fc023790af5bf3d45678de985e8e9f34896f7

    • SHA256

      aa5da4005c76cfe5195b69282b2ad249d7dc2300bbc979592bd67315fc30c669

    • SHA512

      094e23869fd42c60f83e0f4d1a2cd1a29d2efd805ac02a01ce9700b8e7b0e39e52fe86503264a0298c85f0d02b38620f1e773f2ea981f3049aeba3104b04253f

    • SSDEEP

      6144:6FVfk760MmXXwvT3WpVgvpqwm9SPECshBZeD6EHh:267rjnpVgvpqwm93rIW

    Score
    1/10
    • Target

      libGLESv2.dll

    • Size

      6.4MB

    • MD5

      44f7c21b6010048e0dcdc43d83ebd357

    • SHA1

      d0a4dfd8dbae1a8421c3043315d78ecd84502b16

    • SHA256

      f6259a9b9c284ee5916447dd9d0ba051c2908c9d3662d42d8bbe6ce6d65a37de

    • SHA512

      7e03538dd8e798d0e808a8fc6e149e83de9f8404e839900f6c9535da6aac8ef4d5c31044e547dde34dcece1255fab9a9255fa069a99fcb08e49785d812b3887c

    • SSDEEP

      98304:ZHYQkvdLN+UNQR14/hr5njmwSNDBVO0Bz7arD+0t1t0zA5Lgs2+A1tCw:itvwq/hr5jmwSVBJBz7arQA+sq1tC

    Score
    3/10
    • Target

      locales/en-US.pak

    • Size

      338KB

    • MD5

      5e3813e616a101e4a169b05f40879a62

    • SHA1

      615e4d94f69625dda81dfaec7f14e9ee320a2884

    • SHA256

      4d207c5c202c19c4daca3fddb2ae4f747f943a8faf86a947eef580e2f2aee687

    • SHA512

      764a271a9cfb674cce41ee7aed0ad75f640ce869efd3c865d1b2d046c9638f4e8d9863a386eba098f5dcedd20ea98bad8bca158b68eb4bdd606d683f31227594

    • SSDEEP

      6144:xiLqIY2MuZYLMMP9ecGmM8faYdY4K55TiSbn8vMwS:xiLqIp34MM+mM0Y55eSKMwS

    Score
    3/10
    • Target

      resources.pak

    • Size

      5.0MB

    • MD5

      7d5065ecba284ed704040fca1c821922

    • SHA1

      095fcc890154a52ad1998b4b1e318f99b3e5d6b8

    • SHA256

      a10c3d236246e001cb9d434a65fc3e8aa7acddddd9608008db5c5c73dee0ba1f

    • SHA512

      521b2266e3257adaa775014f77b0d512ff91b087c2572359d68ffe633b57a423227e3d5af8ee4494538f1d09aa45ffa1fe8e979814178512c37f7088ddd7995d

    • SSDEEP

      98304:HLYxfQVcnNWz49PDq2AwpmqdhBh1Dd42cjrwrbHw4o0DPelwG3RC:H0pQGcMButuBhpd4jkrU4oeelrRC

    Score
    3/10
    • Target

      resources/app.asar

    • Size

      44.8MB

    • MD5

      d9be45a20c59b9ed861905fc6ab1d5ba

    • SHA1

      f2d56ea7cf841c89544a7f6e79cd1addaa362d0d

    • SHA256

      6512399a6daa4052e7a78a9d3ef3abe452b33c393a51d134403b344eb7670be8

    • SHA512

      738643884b4868184c6bedbdbf6535ea2225485548aaa063d82a1c8eb23315e587e047c24525a99b05602014eb2168e1a295e4142d21fd52b14a96a104eb38ad

    • SSDEEP

      786432:7/Wy7lAnutWTAZKRP4QDM0WyfzANtP6ChuVc:71lmwizANtP6ChuVc

    Score
    3/10
    • Target

      resources/elevate.exe

    • Size

      105KB

    • MD5

      792b92c8ad13c46f27c7ced0810694df

    • SHA1

      d8d449b92de20a57df722df46435ba4553ecc802

    • SHA256

      9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37

    • SHA512

      6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40

    • SSDEEP

      3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l

    Score
    1/10
    • Target

      snapshot_blob.bin

    • Size

      214KB

    • MD5

      916127734bc7c5b0db478191a37fc19a

    • SHA1

      f9d868c2578f14513fcb95e109aec795c98dbba3

    • SHA256

      e19ed7fb96e19bb5bfe791df03561d654ea5d52021c3403a2652f439a8d77801

    • SHA512

      d291b26568572d5777b036577ddf30c1b6c6c41e9d53ef2d8af735db001ea5c568371f3907fbffc02feee628f0f29afb718ae5deb32ff245a37947a7b1b9c297

    • SSDEEP

      3072:PCwB4XM5LZsfo0p7SnaCCz3wqTYLmN6hdSajAvDGc/dH4WBlkwHvwi0UQn1nWIa3:KwNsf5PBt

    Score
    3/10
    • Target

      v8_context_snapshot.bin

    • Size

      511KB

    • MD5

      4f4d00247758c684c295243ddedd2948

    • SHA1

      f8e8fc6c22fde9df1d60c329e38b38a85f96bb69

    • SHA256

      4ea84c4465eea20b46e6ded30f711f1e0d61e15574d861b0210819abd5e895e5

    • SHA512

      2c335672979114bd68ff6f1b1b94235fbf072fe8642cad1f7d61855b92741f0633fa0ccb77cd520be560db2d3ac75f9be08e22806487bf5d3045781e3903ad45

    • SSDEEP

      6144:51ZU4IFZ/X+KBIViMMg8zYOK8B4UnK83ItBaUHK:nZaZ/OiY2BnrUAF

    Score
    3/10
    • Target

      vk_swiftshader.dll

    • Size

      4.5MB

    • MD5

      65a5705d95a0820740b3396851ff1751

    • SHA1

      a692a80bafc41ba1b29ef19890f8465b3fb20dcb

    • SHA256

      4c4b935cbb320033f504a89b1eb0a4bcb176bbd46a5981153cb1f54deb146a1c

    • SHA512

      0c5df23b96eaf952c4a498ff6d854df2b62e7631b16c2855ed37ddbadffba3dd52e7450f2e06cf094bec2e0d70d14c87a652150766d90ec8662e03123df5942d

    • SSDEEP

      98304:x2GmsucG1vUTM3SFhCrHglx7LQDCwchuW6ugI:cuuF4XhCGLQDCaI

    Score
    3/10
    • Target

      vk_swiftshader_icd.json

    • Size

      106B

    • MD5

      8642dd3a87e2de6e991fae08458e302b

    • SHA1

      9c06735c31cec00600fd763a92f8112d085bd12a

    • SHA256

      32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9

    • SHA512

      f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

    Score
    3/10
    • Target

      vulkan-1.dll

    • Size

      786KB

    • MD5

      a947c5d8fec95a0f24b4143ced301209

    • SHA1

      ebf3089985377a58b8431a14e22a814857287aaf

    • SHA256

      29cb256921a1b0f222c82650469d534ccdf038d1f395b3aaa9f1086918f5d3fa

    • SHA512

      75f5e055f4422b5558fc1cb3ea84fb7cbeaae6f71c786cc06c295d4ab51c0b1c84e28a7c89fe544f007dbe8e612bed4059139f1575934fe4bac8e538c674ebd3

    • SSDEEP

      24576:cJObHhG7TEnCGlrpZpjL4TB46Z5WODYsHh6g3P0zAk722:c0c7TECgpZpju46Z5WODYsHh6g3P0zA+

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10
    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      424KB

    • MD5

      80e44ce4895304c6a3a831310fbf8cd0

    • SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

    • SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

    • SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

    • SSDEEP

      6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck

    Score
    3/10
    • Target

      $R0/Uninstall asdasdasd.exe

    • Size

      135KB

    • MD5

      c19800b5afd0a1cd4bb8582e02b99c14

    • SHA1

      5273804157c1bc20dfa3e41ac30c1e829c34cfd7

    • SHA256

      a823c20b85e04cedb0a326f5e1c8b7461548dd5c7a323de6a8316a036aff935a

    • SHA512

      6ebf8a45ee0d8109ada63d5966163c3fe209d654e6a6bbc7ff6ccd6dd10f86545d3d0f079f0a4bfec5fac8ff2be3642fc0100b2618528e8973bfe80a90919c84

    • SSDEEP

      3072:sn77v00hEoDEtautceAsg82aH2tvhOEA1RJCir86SrSrv6Ia3B:s740Idmsg82s2t0EyL+yax

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    • Target

      $PLUGINSDIR/WinShell.dll

    • Size

      3KB

    • MD5

      1cc7c37b7e0c8cd8bf04b6cc283e1e56

    • SHA1

      0b9519763be6625bd5abce175dcc59c96d100d4c

    • SHA256

      9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6

    • SHA512

      7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      ec0504e6b8a11d5aad43b296beeb84b2

    • SHA1

      91b5ce085130c8c7194d66b2439ec9e1c206497c

    • SHA256

      5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962

    • SHA512

      3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

    • SSDEEP

      96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks