hxxps://github[.]com/Zusyaku/Malware-Collection-Part-2/raw/main/HorrorTrojan123[.]exe

General

Target

https://github.com/Zusyaku/Malware-Collection-Part-2/raw/main/HorrorTrojan123.exe

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file
Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service
T1102

Processes:

flow ioc

11 raw.githubusercontent.com
12 raw.githubusercontent.com

flow	ioc
11	raw.githubusercontent.com
12	raw.githubusercontent.com

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607170139124609"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

2384 chrome.exe
2384 chrome.exe
4048 chrome.exe
4048 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

2384 chrome.exe
2384 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe
Token: SeShutdownPrivilege	2384	chrome.exe
Token: SeCreatePagefilePrivilege	2384	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

Processes:

chrome.exe

pid	process
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe
2384	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 2384 wrote to memory of 4792	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 4792	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2872	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 4168	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 4168	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe
PID 2384 wrote to memory of 2464	2384	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Zusyaku/Malware-Collection-Part-2/raw/main/HorrorTrojan123.exe
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2384

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb5a73ab58,0x7ffb5a73ab68,0x7ffb5a73ab78
2⤵
PID:4792

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:2
2⤵
PID:2872

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:8
2⤵
PID:4168

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:8
2⤵
PID:2464

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3068 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:1
2⤵
PID:1340

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:1
2⤵
PID:752

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4640 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:8
2⤵
PID:3900

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4832 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:8
2⤵
PID:5108

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:8
2⤵
PID:3004

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:8
2⤵
PID:1576

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1824,i,15043996376491801208,3720574888954197518,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4048

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:1652

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Web Service

1

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
d6ef59d7ba0e508eb4d0cb3870527b61

SHA1
f585fc340f564f19aca3501a5f22535acd24b363

SHA256
895f4959738310720dd406d5c9053ca2d3b23292cdc1f454dc18e544aaa81acf

SHA512
18090031ea760e8ff54cb717fa1586ea824ae739ccfe9241c6568913ff4c5c54a864c078c7602ac376251eb3c4dd4c58365e80361987b80539509750b270ffa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
2446bf30e36801b58b7079d9983341e8

SHA1
86557514f908eae95bb0095df6281593fdeccfab

SHA256
93617291f15bea6932944df9be9da6a9e77023e365ca6d688540e800b423c414

SHA512
8c7b5848e011586948d4751de00eb54990720bfcf31ea3659dc7a8c80f09e71bd1a3eb485b80eecbb1f9489965060dca42db2c6b5f855ff6287056d3a46734f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
687B

MD5
51d7dfe1e4725cc1b7758bfddba6ce51

SHA1
56af457b90a4abf6b4b547ac676b885c745790fc

SHA256
c5f81dbb853c6337eff7781761184dc8b5f09f799482a3fcf51d4ef0a9ddc929

SHA512
e074ee92e6042f3299d73807cc085ac193c67a4c7852dfb4c0d509e3b9e29ad4c351afedc65f9ab939156e321d9390aae7f2d795242166331a731f73b9f01819

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
527878dea81fbf9ac2701a87c360a5f1

SHA1
8a2b6ced0c0aa1c3c6a7bc929600bb14a0d9697c

SHA256
b743f74e58e76119ce6fd67036a023967fe85289a8462b8c5015a0bba1201f78

SHA512
c3f22f3d82c660bfc66f4662df695733d62e4cfb31fef3e3285a3fccb21eeafafd63304a78b3183c9e7afce5e502c0cf2f273106676c05fbe4616ee833e52e42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
130KB

MD5
443fbc5f63b3d8f6eb27c61f20d6666c

SHA1
9d8573a606e78992bc0ddefcfc5af4700be9b4f8

SHA256
d67c8f20fe722730f7f34454563983c0b2731e2392a1edb82bda0d660cc33adb

SHA512
5d5cb1ab053d9f68f06cd1e8c38bd1292b578ae6285a893a69e3e40e0686ab55fa4d2b0743552d5e6b96fae35993d5aea75ecb195728869daa94ceec27c78f06

Download Submit
\??\pipe\crashpad_2384_ZKLGKZYTNHVPYJPV

MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads